From a164cf553eb9606b9458cbad057532a19aee01d9 Mon Sep 17 00:00:00 2001 From: Ewoud Kohl van Wijngaarden Date: Sun, 30 Oct 2022 13:08:49 +0100 Subject: [PATCH 01/16] Convert documentation to puppet-strings --- manifests/init.pp | 23 ++++++++--------------- manifests/install.pp | 5 +++-- manifests/params.pp | 3 ++- 3 files changed, 13 insertions(+), 18 deletions(-) diff --git a/manifests/init.pp b/manifests/init.pp index 427d8f7..9a5a774 100644 --- a/manifests/init.pp +++ b/manifests/init.pp @@ -1,24 +1,17 @@ -# == Class: gnupg +# @summary Manage gnupg and public key entries # -# Manage gnupg and public key entries -# -# === Parameters -# -# [*package_ensure*] -# Remove or install the s3tools package. Possible values -# present or absent, however most of modern Linux distros relays on +# @param package_ensure +# Remove or install the gnupg package. Possible values +# present or absent, however most of modern Linux distros rely on # gnupg so you shouldn't remove the package # -# [*package_name*] +# @param package_name # name of the package usually gnupg/gnupg2 depends of the distro # -# === Examples -# -# include gnupg -# -# === Authors +# @example Basic installation +# include gnupg # -# Dejan Golja +# @author Dejan Golja # class gnupg( $package_ensure = $gnupg::params::package_ensure, diff --git a/manifests/install.pp b/manifests/install.pp index 1916794..369f57c 100644 --- a/manifests/install.pp +++ b/manifests/install.pp @@ -1,4 +1,5 @@ -# +# @summary Install the package +# @api private class gnupg::install { package { 'gnupg': @@ -6,4 +7,4 @@ name => $gnupg::package_name, } -} \ No newline at end of file +} diff --git a/manifests/params.pp b/manifests/params.pp index 70e5773..8dc13cd 100644 --- a/manifests/params.pp +++ b/manifests/params.pp @@ -1,4 +1,5 @@ -# PRIVATE CLASS: do not use directly +# @summary Set module defaults +# @api private class gnupg::params { $package_ensure = 'present' From c787374d7effe0a411eb66e3da01a80aa68c0275 Mon Sep 17 00:00:00 2001 From: Ewoud Kohl van Wijngaarden Date: Sun, 30 Oct 2022 13:17:24 +0100 Subject: [PATCH 02/16] Make whitespace consistent --- manifests/init.pp | 3 +-- manifests/params.pp | 2 -- tests/gnupg_key.pp | 10 +++++----- 3 files changed, 6 insertions(+), 9 deletions(-) diff --git a/manifests/init.pp b/manifests/init.pp index 9a5a774..bb180af 100644 --- a/manifests/init.pp +++ b/manifests/init.pp @@ -13,10 +13,9 @@ # # @author Dejan Golja # -class gnupg( +class gnupg ( $package_ensure = $gnupg::params::package_ensure, $package_name = $gnupg::params::package_name, ) inherits gnupg::params { - class {'::gnupg::install': } } diff --git a/manifests/params.pp b/manifests/params.pp index 8dc13cd..878e3cc 100644 --- a/manifests/params.pp +++ b/manifests/params.pp @@ -1,7 +1,6 @@ # @summary Set module defaults # @api private class gnupg::params { - $package_ensure = 'present' case $::osfamily { @@ -27,5 +26,4 @@ fail("Osfamily ${::osfamily} is not supported") } } - } diff --git a/tests/gnupg_key.pp b/tests/gnupg_key.pp index a3b9a21..ded0171 100644 --- a/tests/gnupg_key.pp +++ b/tests/gnupg_key.pp @@ -12,29 +12,29 @@ key_source => 'http://pkg.jenkins-ci.org/debian/jenkins-ci.org.key', } -gnupg_key {'root_remove': +gnupg_key { 'root_remove': ensure => absent, key_id => D50582E6, user => root, } -gnupg_key {'add_key_by_remote_source': +gnupg_key { 'add_key_by_remote_source': ensure => present, key_id => F657C4B7, user => root, key_source => 'puppet:///modules/gnupg/random.key', } -gnupg_key {'add_key_by_local_source': +gnupg_key { 'add_key_by_local_source': ensure => present, key_id => F657C4B7, user => root, key_source => '/home/foo/public.key', } -gnupg_key {'add_key_by_local_source_file': +gnupg_key { 'add_key_by_local_source_file': ensure => present, key_id => F657C4B5, user => root, key_source => 'file:///home/foo/public.key', -} \ No newline at end of file +} From 47d031790dd17c6f549ec39600082c3f27a9b9ff Mon Sep 17 00:00:00 2001 From: Ewoud Kohl van Wijngaarden Date: Sun, 30 Oct 2022 13:11:59 +0100 Subject: [PATCH 03/16] Remove trivial private class and inline --- manifests/init.pp | 5 ++++- manifests/install.pp | 10 ---------- spec/classes/gnupg_init_spec.rb | 2 -- 3 files changed, 4 insertions(+), 13 deletions(-) delete mode 100644 manifests/install.pp diff --git a/manifests/init.pp b/manifests/init.pp index bb180af..922eda0 100644 --- a/manifests/init.pp +++ b/manifests/init.pp @@ -17,5 +17,8 @@ $package_ensure = $gnupg::params::package_ensure, $package_name = $gnupg::params::package_name, ) inherits gnupg::params { - class {'::gnupg::install': } + package { 'gnupg': + ensure => $package_ensure, + name => $package_name, + } } diff --git a/manifests/install.pp b/manifests/install.pp deleted file mode 100644 index 369f57c..0000000 --- a/manifests/install.pp +++ /dev/null @@ -1,10 +0,0 @@ -# @summary Install the package -# @api private -class gnupg::install { - - package { 'gnupg': - ensure => $gnupg::package_ensure, - name => $gnupg::package_name, - } - -} diff --git a/spec/classes/gnupg_init_spec.rb b/spec/classes/gnupg_init_spec.rb index 0838683..b265470 100644 --- a/spec/classes/gnupg_init_spec.rb +++ b/spec/classes/gnupg_init_spec.rb @@ -9,8 +9,6 @@ let(:facts) {{ :osfamily => system }} end - it { expect contain_class('gnupg::install') } - describe "gnupg on system #{system}" do context "when enabled" do From 93094001be816e2c12e5166637e1a5ddc20e83ba Mon Sep 17 00:00:00 2001 From: Ewoud Kohl van Wijngaarden Date: Sun, 30 Oct 2022 13:15:09 +0100 Subject: [PATCH 04/16] Inline package_ensure parameter and add data types --- manifests/init.pp | 4 ++-- manifests/params.pp | 2 -- 2 files changed, 2 insertions(+), 4 deletions(-) diff --git a/manifests/init.pp b/manifests/init.pp index 922eda0..6d26512 100644 --- a/manifests/init.pp +++ b/manifests/init.pp @@ -14,8 +14,8 @@ # @author Dejan Golja # class gnupg ( - $package_ensure = $gnupg::params::package_ensure, - $package_name = $gnupg::params::package_name, + String[1] $package_ensure = 'present', + String[1] $package_name = $gnupg::params::package_name, ) inherits gnupg::params { package { 'gnupg': ensure => $package_ensure, diff --git a/manifests/params.pp b/manifests/params.pp index 878e3cc..9559cdf 100644 --- a/manifests/params.pp +++ b/manifests/params.pp @@ -1,8 +1,6 @@ # @summary Set module defaults # @api private class gnupg::params { - $package_ensure = 'present' - case $::osfamily { 'Debian': { $package_name ='gnupg' From 8efa71a779bee1d2504963eade893f908c53fe49 Mon Sep 17 00:00:00 2001 From: Ewoud Kohl van Wijngaarden Date: Sun, 30 Oct 2022 13:06:38 +0100 Subject: [PATCH 05/16] Convert module infrastructure to Vox Pupuli --- .github/workflows/ci.yml | 15 +++++++ .gitignore | 27 ++++++++---- .pmtignore | 37 ++++++++++++++++ .travis.yml | 17 -------- Gemfile | 51 +++++++++++----------- Rakefile | 80 +++++++++++++++++++++++++++++----- spec/acceptance/class_spec.rb | 4 +- spec/spec.opts | 4 -- spec/spec_helper.rb | 6 ++- spec/spec_helper_acceptance.rb | 41 +++-------------- 10 files changed, 175 insertions(+), 107 deletions(-) create mode 100644 .github/workflows/ci.yml create mode 100644 .pmtignore delete mode 100644 .travis.yml diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml new file mode 100644 index 0000000..50a4d58 --- /dev/null +++ b/.github/workflows/ci.yml @@ -0,0 +1,15 @@ +--- +name: CI + +on: pull_request + +concurrency: + group: ${{ github.ref_name }} + cancel-in-progress: true + +jobs: + puppet: + name: Puppet + uses: voxpupuli/gha-puppet/.github/workflows/beaker.yml@v1 + with: + pidfile_workaround: 'false' diff --git a/.gitignore b/.gitignore index 64d3d11..e9b3cf4 100644 --- a/.gitignore +++ b/.gitignore @@ -1,11 +1,20 @@ -.project -spec/fixtures -.rspec_system -pkg/* -log/* -.DS_Store +pkg/ Gemfile.lock -junit/* +Gemfile.local +vendor/ +.vendor/ +spec/fixtures/manifests/ +spec/fixtures/modules/ .vagrant/ -.bundle -vendor +.bundle/ +.ruby-version +coverage/ +log/ +.idea/ +.dependencies/ +.librarian/ +Puppetfile.lock +*.iml +.*.sw? +.yardoc/ +Guardfile diff --git a/.pmtignore b/.pmtignore new file mode 100644 index 0000000..65f5051 --- /dev/null +++ b/.pmtignore @@ -0,0 +1,37 @@ +# Managed by modulesync - DO NOT EDIT +# https://voxpupuli.org/docs/updating-files-managed-with-modulesync/ + +docs/ +pkg/ +Gemfile +Gemfile.lock +Gemfile.local +vendor/ +.vendor/ +spec/ +Rakefile +.vagrant/ +.bundle/ +.ruby-version +coverage/ +log/ +.idea/ +.dependencies/ +.github/ +.librarian/ +Puppetfile.lock +*.iml +.editorconfig +.fixtures.yml +.gitignore +.msync.yml +.overcommit.yml +.pmtignore +.rspec +.rspec_parallel +.rubocop.yml +.sync.yml +.*.sw? +.yardoc/ +.yardopts +Dockerfile diff --git a/.travis.yml b/.travis.yml deleted file mode 100644 index 23e9b34..0000000 --- a/.travis.yml +++ /dev/null @@ -1,17 +0,0 @@ ---- -language: ruby -bundler_args: --without system_tests -script: "bundle exec rake test SPEC_OPTS='--format documentation'" -matrix: - fast_finish: true - include: - - rvm: 1.8.7 - env: PUPPET_GEM_VERSION="~> 2.7.0" FACTER_GEM_VERSION="~> 1.6.0" - - rvm: 1.8.7 - env: PUPPET_GEM_VERSION="~> 2.7.0" FACTER_GEM_VERSION="~> 1.7.0" - - rvm: 1.9.3 - env: PUPPET_GEM_VERSION="~> 3.0" - - rvm: 2.0.0 - env: PUPPET_GEM_VERSION="~> 3.0" -notifications: - email: dejan@golja.org diff --git a/Gemfile b/Gemfile index e37a38f..b3827ba 100644 --- a/Gemfile +++ b/Gemfile @@ -1,33 +1,34 @@ -source ENV['GEM_SOURCE'] || "https://rubygems.org" - -group :development, :test do - gem 'rake', :require => false - gem 'rspec-core','~> 3.1.7', :require => false - gem 'rspec-puppet', :require => false - gem 'puppetlabs_spec_helper', :require => false - gem 'puppet-lint', :require => false - gem 'puppet_facts', :require => false - gem 'json', :require => false - gem 'metadata-json-lint', :require => false +# Managed by modulesync - DO NOT EDIT +# https://voxpupuli.org/docs/updating-files-managed-with-modulesync/ + +source ENV['GEM_SOURCE'] || 'https://rubygems.org' + +group :test do + gem 'voxpupuli-test', '~> 5.4', :require => false + gem 'coveralls', :require => false + gem 'simplecov-console', :require => false + gem 'puppet_metadata', '~> 2.0', :require => false end -group :system_tests do - gem 'beaker', '~> 2.4', :require => false - gem 'beaker-rspec', :require => false - gem 'serverspec', :require => false - gem 'rspec-system-puppet', :require => false +group :development do + gem 'guard-rake', :require => false + gem 'overcommit', '>= 0.39.1', :require => false end -if facterversion = ENV['FACTER_GEM_VERSION'] - gem 'facter', facterversion, :require => false -else - gem 'facter', :require => false +group :system_tests do + gem 'voxpupuli-acceptance', '~> 1.0', :require => false end -if puppetversion = ENV['PUPPET_GEM_VERSION'] - gem 'puppet', puppetversion, :require => false -else - gem 'puppet', :require => false +group :release do + gem 'github_changelog_generator', '>= 1.16.1', :require => false if RUBY_VERSION >= '2.5' + gem 'voxpupuli-release', '>= 1.2.0', :require => false + gem 'puppet-strings', '>= 2.2', :require => false end -# vim:ft=ruby +gem 'rake', :require => false +gem 'facter', ENV['FACTER_GEM_VERSION'], :require => false, :groups => [:test] + +puppetversion = ENV['PUPPET_GEM_VERSION'] || '>= 6.0' +gem 'puppet', puppetversion, :require => false, :groups => [:test] + +# vim: syntax=ruby diff --git a/Rakefile b/Rakefile index ed6717e..3ab8679 100644 --- a/Rakefile +++ b/Rakefile @@ -1,16 +1,72 @@ -require 'puppetlabs_spec_helper/rake_tasks' -require 'puppet-lint/tasks/puppet-lint' +# Managed by modulesync - DO NOT EDIT +# https://voxpupuli.org/docs/updating-files-managed-with-modulesync/ -PuppetLint.configuration.send('relative') -PuppetLint.configuration.send("disable_80chars") -PuppetLint.configuration.send('disable_class_parameter_defaults') -PuppetLint.configuration.send('disable_class_inherits_from_params_class') -PuppetLint.configuration.send('disable_documentation') -PuppetLint.configuration.log_format = "%{path}:%{linenumber}:%{check}:%{KIND}:%{message}" +# Attempt to load voxpupuli-test (which pulls in puppetlabs_spec_helper), +# otherwise attempt to load it directly. +begin + require 'voxpupuli/test/rake' +rescue LoadError + begin + require 'puppetlabs_spec_helper/rake_tasks' + rescue LoadError + end +end -PuppetLint.configuration.fail_on_warnings = true -PuppetLint.configuration.ignore_paths = ["pkg/**/*", "vendor/**/*", "spec/**/*"] +# load optional tasks for acceptance +# only available if gem group releases is installed +begin + require 'voxpupuli/acceptance/rake' +rescue LoadError +end -desc "Run syntax, lint, and beaker tests." -task :test => [:validate, :lint, :spec] +# load optional tasks for releases +# only available if gem group releases is installed +begin + require 'voxpupuli/release/rake_tasks' +rescue LoadError +end +desc "Run main 'test' task and report merged results to coveralls" +task test_with_coveralls: [:test] do + if Dir.exist?(File.expand_path('../lib', __FILE__)) + require 'coveralls/rake/task' + Coveralls::RakeTask.new + Rake::Task['coveralls:push'].invoke + else + puts 'Skipping reporting to coveralls. Module has no lib dir' + end +end + +desc 'Generate REFERENCE.md' +task :reference, [:debug, :backtrace] do |t, args| + patterns = '' + Rake::Task['strings:generate:reference'].invoke(patterns, args[:debug], args[:backtrace]) +end + +begin + require 'github_changelog_generator/task' + require 'puppet_blacksmith' + GitHubChangelogGenerator::RakeTask.new :changelog do |config| + metadata = Blacksmith::Modulefile.new + config.future_release = "v#{metadata.version}" if metadata.version =~ /^\d+\.\d+.\d+$/ + config.header = "# Changelog\n\nAll notable changes to this project will be documented in this file.\nEach new release typically also includes the latest modulesync defaults.\nThese should not affect the functionality of the module." + config.exclude_labels = %w{duplicate question invalid wontfix wont-fix modulesync skip-changelog} + config.user = 'dgolja' + config.project = 'golja-gnupg' + end + + # Workaround for https://github.com/github-changelog-generator/github-changelog-generator/issues/715 + require 'rbconfig' + if RbConfig::CONFIG['host_os'] =~ /linux/ + task :changelog do + puts 'Fixing line endings...' + changelog_file = File.join(__dir__, 'CHANGELOG.md') + changelog_txt = File.read(changelog_file) + new_contents = changelog_txt.gsub(%r{\r\n}, "\n") + File.open(changelog_file, "w") {|file| file.puts new_contents } + end + end + +rescue LoadError +end +# vim: syntax=ruby diff --git a/spec/acceptance/class_spec.rb b/spec/acceptance/class_spec.rb index c0cc09b..a9ae7b6 100644 --- a/spec/acceptance/class_spec.rb +++ b/spec/acceptance/class_spec.rb @@ -1,6 +1,6 @@ require 'spec_helper_acceptance' -describe 'gnupg class', :unless => UNSUPPORTED_PLATFORMS.include?(fact('osfamily')) do +describe 'gnupg class' do case fact('osfamily') when 'RedHat' package_name = 'gnupg2' @@ -25,4 +25,4 @@ class { 'gnupg': } end -end \ No newline at end of file +end diff --git a/spec/spec.opts b/spec/spec.opts index 91cd642..616c433 100644 --- a/spec/spec.opts +++ b/spec/spec.opts @@ -1,6 +1,2 @@ ---format -s --colour ---loadby -mtime --backtrace diff --git a/spec/spec_helper.rb b/spec/spec_helper.rb index f64ca3e..0f0013f 100644 --- a/spec/spec_helper.rb +++ b/spec/spec_helper.rb @@ -1,3 +1,5 @@ -require 'rubygems' -require 'puppetlabs_spec_helper/module_spec_helper' +# frozen_string_literal: true +require 'voxpupuli/test/spec_helper' + +add_mocked_facts! diff --git a/spec/spec_helper_acceptance.rb b/spec/spec_helper_acceptance.rb index a3c593d..1e48991 100644 --- a/spec/spec_helper_acceptance.rb +++ b/spec/spec_helper_acceptance.rb @@ -1,48 +1,17 @@ -require 'beaker-rspec/spec_helper' -require 'beaker-rspec/helpers/serverspec' +# frozen_string_literal: true +require 'voxpupuli/acceptance/spec_helper_acceptance' -unless ENV['RS_PROVISION'] == 'no' - # This will install the latest available package on el and deb based - # systems fail on windows and osx, and install via gem on other *nixes - foss_opts = { :default_action => 'gem_install' } - if default.is_pe?; then install_pe; else install_puppet( foss_opts ); end - - hosts.each do |host| - if host['platform'] =~ /debian/ - on host, 'echo \'export PATH=/var/lib/gems/1.8/bin/:${PATH}\' >> ~/.bashrc' - end - - on host, "mkdir -p #{host['distmoduledir']}" - end -end - -UNSUPPORTED_PLATFORMS = ['Suse','windows','AIX','Solaris'] +configure_beaker module LocalHelpers - def gpg(gpg_cmd, options = {:user => 'root', :acceptable_exit_codes => [0]}, &block) - user = options.delete(:user) + def gpg(gpg_cmd, user: 'root', **options, &block) + options[:acceptable_exit_codes] ||= [0] gpg = "gpg #{gpg_cmd}" shell("su #{user} -c \"#{gpg}\"", options, &block) end end RSpec.configure do |c| - # Project root - proj_root = File.expand_path(File.join(File.dirname(__FILE__), '..')) - - # Readable test descriptions - c.formatter = :documentation - - # Include in our local helpers, because some puppet images run - # as diffrent users c.include ::LocalHelpers - - # Configure all nodes in nodeset - c.before :suite do - # Install module and dependencies - hosts.each do |host| - copy_module_to(host, :source => proj_root, :module_name => 'gnupg') - end - end end From c1d0a9efbc999c7bd90bb33564c9deee0099a43b Mon Sep 17 00:00:00 2001 From: Ewoud Kohl van Wijngaarden Date: Sun, 30 Oct 2022 13:06:06 +0100 Subject: [PATCH 06/16] Remove rspec-system tests There already are beaker-rspec tests, which is the modern way. --- spec/spec_helper_system.rb | 66 ----------- spec/system/gnupg_key_install_spec.rb | 152 -------------------------- spec/system/install_spec.rb | 16 --- 3 files changed, 234 deletions(-) delete mode 100644 spec/spec_helper_system.rb delete mode 100644 spec/system/gnupg_key_install_spec.rb delete mode 100644 spec/system/install_spec.rb diff --git a/spec/spec_helper_system.rb b/spec/spec_helper_system.rb deleted file mode 100644 index e37e880..0000000 --- a/spec/spec_helper_system.rb +++ /dev/null @@ -1,66 +0,0 @@ -require 'rspec-system/spec_helper' -require 'rspec-system-puppet/helpers' -require 'rspec-system-serverspec/helpers' -require 'tempfile' - -include Serverspec::Helper::RSpecSystem -include Serverspec::Helper::DetectOS -include RSpecSystemPuppet::Helpers - -class String - # Provide ability to remove indentation from strings, for the purpose of - # left justifying heredoc blocks. - def unindent - gsub(/^#{scan(/^\s*/).min_by{|l|l.length}}/, "") - end -end - -module LocalHelpers - include RSpecSystem::Util - - def gpg(gpg_cmd, user = 'root', &block) - gpg = "gpg #{gpg_cmd}" - shell("su #{shellescape(user)} -c #{shellescape(gpg)}", &block) - end -end - -RSpec.configure do |c| - # Project root - proj_root = File.expand_path(File.join(File.dirname(__FILE__), '..')) - - # Enable colour - c.tty = true - - # Include in our local helpers, because some puppet images run - # as diffrent users - c.include ::LocalHelpers - - # Puppet helpers - c.include RSpecSystemPuppet::Helpers - c.extend RSpecSystemPuppet::Helpers - - # This is where we 'setup' the nodes before running our tests - c.before :suite do - # Install puppet - puppet_install - - # Install my module from the current working copy - puppet_module_install(:source => proj_root, :module_name => 'gnupg') - shell 'whoami' - shell 'puppet module list' - - # disable hiera warnings - file = Tempfile.new('foo') - begin - file.write(<<-EOS) ---- -:logger: noop - EOS - file.close - rcp(:sp => file.path, :dp => '/etc/puppet/hiera.yaml') - ensure - file.unlink - end - end -end - diff --git a/spec/system/gnupg_key_install_spec.rb b/spec/system/gnupg_key_install_spec.rb deleted file mode 100644 index 775a08d..0000000 --- a/spec/system/gnupg_key_install_spec.rb +++ /dev/null @@ -1,152 +0,0 @@ -require 'spec_helper_system' - -describe 'gnupg_key install' do - - before :all do - puppet_apply("class {'gnupg': } ") do |r| - r.exit_code.should == 0 - end - end - - it 'should install a public key from a HTTP URL address' do - pp = <<-EOS.unindent - gnupg_key { 'jenkins_key': - ensure => present, - user => 'root', - key_source => 'http://pkg.jenkins-ci.org/debian/jenkins-ci.org.key', - key_id => 'D50582E6', - } - EOS - - puppet_apply(pp) do |r| - r.exit_code.should == 2 - r.refresh - r.exit_code.should == 0 - end - - # check that gnupg installed the key - gpg("--list-keys D50582E6") do |r| - r.stdout.should =~ /D50582E6/ - r.stderr.should == '' - r.exit_code == 0 - end - end - - it 'should install a public key from a HTTPS URL address' do - pp = <<-EOS.unindent - gnupg_key { 'newrelic_key': - ensure => present, - user => 'root', - key_source => 'https://download.newrelic.com/548C16BF.gpg', - key_id => '548C16BF', - } - EOS - - puppet_apply(pp) do |r| - r.exit_code.should == 2 - r.refresh - r.exit_code.should == 0 - end - - # check that gnupg installed the key - gpg("--list-keys 548C16BF") do |r| - r.stdout.should =~ /548C16BF/ - r.stderr.should == '' - r.exit_code == 0 - end - end - - it 'should install a public key from a key server' do - pp = <<-EOS.unindent - gnupg_key { 'root_key_foo': - ensure => present, - user => 'root', - key_server => 'hkp://pgp.mit.edu/', - key_id => '20BC0A86', - } - EOS - - puppet_apply(pp) do |r| - r.exit_code.should == 2 - r.refresh - r.exit_code.should == 0 - end - - # check that gnupg installed the key - gpg("--list-keys 20BC0A86") do |r| - r.stdout.should =~ /20BC0A86/ - r.stderr.should == '' - r.exit_code == 0 - end - end - - it 'should remove public key 20BC0A86' do - pp = <<-EOS.unindent - gnupg_key { 'bye_bye_key': - ensure => absent, - key_id => 20BC0A86, - user => root, - } - EOS - - puppet_apply(pp) do |r| - r.exit_code.should == 2 - r.refresh - r.exit_code.should == 0 - end - end - - it 'should install public key from the puppet fileserver/module repository' do - pp = <<-EOS.unindent - gnupg_key {'add_key_by_remote_source': - ensure => present, - key_id => 20BC0A86, - user => root, - key_source => "puppet:///modules/gnupg/random.key", - } - EOS - - puppet_apply(pp) do |r| - r.exit_code.should == 2 - r.refresh - r.exit_code.should == 0 - end - - # check that gnupg installed the key - gpg("--list-keys 20BC0A86") do |r| - r.stdout.should =~ /20BC0A86/ - r.stderr.should == '' - r.exit_code == 0 - end - end - - it 'should not install a public key, because local resource does not exists' do - pp = <<-EOS.unindent - gnupg_key { 'jenkins_key': - ensure => present, - user => 'root', - key_source => '/santa/claus/does/not/exists/org/sorry/kids.key', - key_id => '40404040', - } - EOS - - puppet_apply(pp) do |r| - r.exit_code.should == 4 - end - end - - it 'should fail to install a public key, because there is no content at the supplied URL address' do - pp = <<-EOS.unindent - gnupg_key { 'jenkins_key': - ensure => present, - user => 'root', - key_source => 'http://foo.com/key-not-there.key', - key_id => '40404040', - } - EOS - - puppet_apply(pp) do |r| - r.exit_code.should == 4 - end - end -end diff --git a/spec/system/install_spec.rb b/spec/system/install_spec.rb deleted file mode 100644 index 1a4e906..0000000 --- a/spec/system/install_spec.rb +++ /dev/null @@ -1,16 +0,0 @@ -require 'spec_helper_system' - -describe 'install gnupg:' do - - it 'test loading class with no arguments' do - pp = <<-EOS.unindent - class {'gnupg':} - EOS - - puppet_apply(pp) do |r| - r.exit_code.should == 0 - r.refresh - r.exit_code.should == 0 - end - end -end From 5f82b97e98bc08c429d5e2b44d16e4268f7adbea Mon Sep 17 00:00:00 2001 From: Ewoud Kohl van Wijngaarden Date: Tue, 27 Dec 2022 23:06:13 +0100 Subject: [PATCH 07/16] Remove nodesets These are all outdated and the modern way is to use beaker-hostgenerator to generate these on the fly. --- spec/acceptance/nodesets/centos-59-x64.yml | 10 ---------- spec/acceptance/nodesets/centos-64-x64-pe.yml | 12 ------------ spec/acceptance/nodesets/centos-64-x64.yml | 11 ----------- spec/acceptance/nodesets/centos-65-x64.yml | 10 ---------- spec/acceptance/nodesets/debian-607-x64.yml | 11 ----------- spec/acceptance/nodesets/debian-70rc1-x64.yml | 11 ----------- spec/acceptance/nodesets/debian-73-i386.yml | 11 ----------- spec/acceptance/nodesets/debian-73-x64.yml | 11 ----------- spec/acceptance/nodesets/default.yml | 11 ----------- spec/acceptance/nodesets/ubuntu-server-10044-x64.yml | 10 ---------- spec/acceptance/nodesets/ubuntu-server-12042-x64.yml | 10 ---------- spec/acceptance/nodesets/ubuntu-server-1310-x64.yml | 11 ----------- spec/acceptance/nodesets/ubuntu-server-1404-x64.yml | 11 ----------- 13 files changed, 140 deletions(-) delete mode 100644 spec/acceptance/nodesets/centos-59-x64.yml delete mode 100644 spec/acceptance/nodesets/centos-64-x64-pe.yml delete mode 100644 spec/acceptance/nodesets/centos-64-x64.yml delete mode 100644 spec/acceptance/nodesets/centos-65-x64.yml delete mode 100644 spec/acceptance/nodesets/debian-607-x64.yml delete mode 100644 spec/acceptance/nodesets/debian-70rc1-x64.yml delete mode 100644 spec/acceptance/nodesets/debian-73-i386.yml delete mode 100644 spec/acceptance/nodesets/debian-73-x64.yml delete mode 100644 spec/acceptance/nodesets/default.yml delete mode 100644 spec/acceptance/nodesets/ubuntu-server-10044-x64.yml delete mode 100644 spec/acceptance/nodesets/ubuntu-server-12042-x64.yml delete mode 100644 spec/acceptance/nodesets/ubuntu-server-1310-x64.yml delete mode 100644 spec/acceptance/nodesets/ubuntu-server-1404-x64.yml diff --git a/spec/acceptance/nodesets/centos-59-x64.yml b/spec/acceptance/nodesets/centos-59-x64.yml deleted file mode 100644 index 2ad90b8..0000000 --- a/spec/acceptance/nodesets/centos-59-x64.yml +++ /dev/null @@ -1,10 +0,0 @@ -HOSTS: - centos-59-x64: - roles: - - master - platform: el-5-x86_64 - box : centos-59-x64-vbox4210-nocm - box_url : http://puppet-vagrant-boxes.puppetlabs.com/centos-59-x64-vbox4210-nocm.box - hypervisor : vagrant -CONFIG: - type: git diff --git a/spec/acceptance/nodesets/centos-64-x64-pe.yml b/spec/acceptance/nodesets/centos-64-x64-pe.yml deleted file mode 100644 index 7d9242f..0000000 --- a/spec/acceptance/nodesets/centos-64-x64-pe.yml +++ /dev/null @@ -1,12 +0,0 @@ -HOSTS: - centos-64-x64: - roles: - - master - - database - - dashboard - platform: el-6-x86_64 - box : centos-64-x64-vbox4210-nocm - box_url : http://puppet-vagrant-boxes.puppetlabs.com/centos-64-x64-vbox4210-nocm.box - hypervisor : vagrant -CONFIG: - type: pe diff --git a/spec/acceptance/nodesets/centos-64-x64.yml b/spec/acceptance/nodesets/centos-64-x64.yml deleted file mode 100644 index ce47212..0000000 --- a/spec/acceptance/nodesets/centos-64-x64.yml +++ /dev/null @@ -1,11 +0,0 @@ -HOSTS: - centos-64-x64: - roles: - - master - platform: el-6-x86_64 - box : centos-64-x64-vbox4210-nocm - box_url : http://puppet-vagrant-boxes.puppetlabs.com/centos-64-x64-vbox4210-nocm.box - hypervisor : vagrant -CONFIG: - log_level: debug - type: git diff --git a/spec/acceptance/nodesets/centos-65-x64.yml b/spec/acceptance/nodesets/centos-65-x64.yml deleted file mode 100644 index 4e2cb80..0000000 --- a/spec/acceptance/nodesets/centos-65-x64.yml +++ /dev/null @@ -1,10 +0,0 @@ -HOSTS: - centos-65-x64: - roles: - - master - platform: el-6-x86_64 - box : centos-65-x64-vbox436-nocm - box_url : http://puppet-vagrant-boxes.puppetlabs.com/centos-65-x64-virtualbox-nocm.box - hypervisor : vagrant -CONFIG: - type: foss diff --git a/spec/acceptance/nodesets/debian-607-x64.yml b/spec/acceptance/nodesets/debian-607-x64.yml deleted file mode 100644 index e642e09..0000000 --- a/spec/acceptance/nodesets/debian-607-x64.yml +++ /dev/null @@ -1,11 +0,0 @@ -HOSTS: - debian-607-x64: - roles: - - master - platform: debian-6-amd64 - box : debian-607-x64-vbox4210-nocm - box_url : http://puppet-vagrant-boxes.puppetlabs.com/debian-607-x64-vbox4210-nocm.box - hypervisor : vagrant -CONFIG: - log_level: debug - type: git diff --git a/spec/acceptance/nodesets/debian-70rc1-x64.yml b/spec/acceptance/nodesets/debian-70rc1-x64.yml deleted file mode 100644 index cbbbfb2..0000000 --- a/spec/acceptance/nodesets/debian-70rc1-x64.yml +++ /dev/null @@ -1,11 +0,0 @@ -HOSTS: - debian-70rc1-x64: - roles: - - master - platform: debian-7-amd64 - box : debian-70rc1-x64-vbox4210-nocm - box_url : http://puppet-vagrant-boxes.puppetlabs.com/debian-70rc1-x64-vbox4210-nocm.box - hypervisor : vagrant -CONFIG: - log_level: debug - type: git diff --git a/spec/acceptance/nodesets/debian-73-i386.yml b/spec/acceptance/nodesets/debian-73-i386.yml deleted file mode 100644 index a38902d..0000000 --- a/spec/acceptance/nodesets/debian-73-i386.yml +++ /dev/null @@ -1,11 +0,0 @@ -HOSTS: - debian-73-i386: - roles: - - master - platform: debian-7-i386 - box : debian-73-i386-virtualbox-nocm - box_url : http://puppet-vagrant-boxes.puppetlabs.com/debian-73-i386-virtualbox-nocm.box - hypervisor : vagrant -CONFIG: - log_level: debug - type: git diff --git a/spec/acceptance/nodesets/debian-73-x64.yml b/spec/acceptance/nodesets/debian-73-x64.yml deleted file mode 100644 index f9cf0c9..0000000 --- a/spec/acceptance/nodesets/debian-73-x64.yml +++ /dev/null @@ -1,11 +0,0 @@ -HOSTS: - debian-73-x64: - roles: - - master - platform: debian-7-amd64 - box : debian-73-x64-virtualbox-nocm - box_url : http://puppet-vagrant-boxes.puppetlabs.com/debian-73-x64-virtualbox-nocm.box - hypervisor : vagrant -CONFIG: - log_level: debug - type: git diff --git a/spec/acceptance/nodesets/default.yml b/spec/acceptance/nodesets/default.yml deleted file mode 100644 index ce47212..0000000 --- a/spec/acceptance/nodesets/default.yml +++ /dev/null @@ -1,11 +0,0 @@ -HOSTS: - centos-64-x64: - roles: - - master - platform: el-6-x86_64 - box : centos-64-x64-vbox4210-nocm - box_url : http://puppet-vagrant-boxes.puppetlabs.com/centos-64-x64-vbox4210-nocm.box - hypervisor : vagrant -CONFIG: - log_level: debug - type: git diff --git a/spec/acceptance/nodesets/ubuntu-server-10044-x64.yml b/spec/acceptance/nodesets/ubuntu-server-10044-x64.yml deleted file mode 100644 index 5ca1514..0000000 --- a/spec/acceptance/nodesets/ubuntu-server-10044-x64.yml +++ /dev/null @@ -1,10 +0,0 @@ -HOSTS: - ubuntu-server-10044-x64: - roles: - - master - platform: ubuntu-10.04-amd64 - box : ubuntu-server-10044-x64-vbox4210-nocm - box_url : http://puppet-vagrant-boxes.puppetlabs.com/ubuntu-server-10044-x64-vbox4210-nocm.box - hypervisor : vagrant -CONFIG: - type: foss diff --git a/spec/acceptance/nodesets/ubuntu-server-12042-x64.yml b/spec/acceptance/nodesets/ubuntu-server-12042-x64.yml deleted file mode 100644 index d065b30..0000000 --- a/spec/acceptance/nodesets/ubuntu-server-12042-x64.yml +++ /dev/null @@ -1,10 +0,0 @@ -HOSTS: - ubuntu-server-12042-x64: - roles: - - master - platform: ubuntu-12.04-amd64 - box : ubuntu-server-12042-x64-vbox4210-nocm - box_url : http://puppet-vagrant-boxes.puppetlabs.com/ubuntu-server-12042-x64-vbox4210-nocm.box - hypervisor : vagrant -CONFIG: - type: foss diff --git a/spec/acceptance/nodesets/ubuntu-server-1310-x64.yml b/spec/acceptance/nodesets/ubuntu-server-1310-x64.yml deleted file mode 100644 index f4b2366..0000000 --- a/spec/acceptance/nodesets/ubuntu-server-1310-x64.yml +++ /dev/null @@ -1,11 +0,0 @@ -HOSTS: - ubuntu-server-1310-x64: - roles: - - master - platform: ubuntu-13.10-amd64 - box : ubuntu-server-1310-x64-vbox4210-nocm - box_url : http://puppet-vagrant-boxes.puppetlabs.com/ubuntu-1310-x64-virtualbox-nocm.box - hypervisor : vagrant -CONFIG: - log_level : debug - type: git diff --git a/spec/acceptance/nodesets/ubuntu-server-1404-x64.yml b/spec/acceptance/nodesets/ubuntu-server-1404-x64.yml deleted file mode 100644 index cba1cd0..0000000 --- a/spec/acceptance/nodesets/ubuntu-server-1404-x64.yml +++ /dev/null @@ -1,11 +0,0 @@ -HOSTS: - ubuntu-server-1404-x64: - roles: - - master - platform: ubuntu-14.04-amd64 - box : puppetlabs/ubuntu-14.04-64-nocm - box_url : https://vagrantcloud.com/puppetlabs/ubuntu-14.04-64-nocm - hypervisor : vagrant -CONFIG: - log_level : debug - type: git From 51bdd3048791deab361ccf825b03607c5683d9b6 Mon Sep 17 00:00:00 2001 From: Ewoud Kohl van Wijngaarden Date: Sun, 30 Oct 2022 13:20:26 +0100 Subject: [PATCH 08/16] Use rspec-puppet-facts This allows using modern facts --- spec/classes/gnupg_init_spec.rb | 20 +++++++------------- 1 file changed, 7 insertions(+), 13 deletions(-) diff --git a/spec/classes/gnupg_init_spec.rb b/spec/classes/gnupg_init_spec.rb index b265470..f41caf7 100644 --- a/spec/classes/gnupg_init_spec.rb +++ b/spec/classes/gnupg_init_spec.rb @@ -1,15 +1,9 @@ require 'spec_helper' -describe 'gnupg', :type => :class do - - ['RedHat', 'Debian', 'Linux', 'Suse'].each do |system| - if system == 'Linux' - let(:facts) {{ :osfamily => 'Linux', :operatingsystem => 'Amazon' }} - else - let(:facts) {{ :osfamily => system }} - end - - describe "gnupg on system #{system}" do +describe 'gnupg' do + on_supported_os.each do |os, os_facts| + context "on #{os}" do + let(:facts) { os_facts } context "when enabled" do let(:params) {{ @@ -17,7 +11,7 @@ :package_name => 'gnupg' }} - it { expect contain_package('gnupg').with({ + it { is_expected.to contain_package('gnupg').with({ 'ensure' => 'present'}) } end @@ -28,8 +22,8 @@ :package_name => 'gnupg' }} - it { expect contain_package('gnupg').with({ - 'ensure' => 'absent'}) + it { is_expected.to contain_package('gnupg').with({ + 'ensure' => 'absent'}) } end end From f90f90e468c813647ba100f3a264af57dee09d3b Mon Sep 17 00:00:00 2001 From: Ewoud Kohl van Wijngaarden Date: Sun, 30 Oct 2022 13:20:51 +0100 Subject: [PATCH 09/16] Use modern facts --- manifests/params.pp | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/manifests/params.pp b/manifests/params.pp index 9559cdf..8e10191 100644 --- a/manifests/params.pp +++ b/manifests/params.pp @@ -1,7 +1,7 @@ # @summary Set module defaults # @api private class gnupg::params { - case $::osfamily { + case $facts['os']['family'] { 'Debian': { $package_name ='gnupg' } @@ -13,15 +13,15 @@ } 'Linux': { - if $::operatingsystem == 'Amazon' { + if $facts['os']['name'] == 'Amazon' { $package_name = 'gnupg2' } else { - fail("Osfamily ${::osfamily} with operating system ${::operatingsystem} is not supported") + fail("Osfamily ${facts['os']['family']} with operating system ${facts['os']['name']} is not supported") } } default: { - fail("Osfamily ${::osfamily} is not supported") + fail("Osfamily ${facts['os']['family']} is not supported") } } } From dbb561e21d965b7a3ac9827f78d77a2701a874e7 Mon Sep 17 00:00:00 2001 From: Ewoud Kohl van Wijngaarden Date: Sun, 30 Oct 2022 13:22:19 +0100 Subject: [PATCH 10/16] Update metadata to current OSes and Puppet --- metadata.json | 29 +++++++++++++---------------- 1 file changed, 13 insertions(+), 16 deletions(-) diff --git a/metadata.json b/metadata.json index d613579..786b853 100644 --- a/metadata.json +++ b/metadata.json @@ -4,7 +4,7 @@ "author": "Dejan Golja", "summary": "Manage gnupg package and public keys", "license": "Apache-2.0", - "source": "git://github.com/n1tr0g/golja-gnupg.git", + "source": "https://github.com/n1tr0g/golja-gnupg.git", "project_page": "https://github.com/n1tr0g/golja-gnupg", "issues_url": "https://github.com/n1tr0g/golja-gnupg/issues", "operatingsystem_support": [ @@ -13,22 +13,24 @@ "operatingsystemrelease": [ "5", "6", - "7" + "7", + "8", + "9" ] }, { "operatingsystem": "CentOS", "operatingsystemrelease": [ - "5", - "6", - "7" + "7", + "8", + "9" ] }, { "operatingsystem": "Debian", "operatingsystemrelease": [ - "6", - "7" + "10", + "11" ] }, { @@ -41,20 +43,16 @@ { "operatingsystem": "Ubuntu", "operatingsystemrelease": [ - "10.04", - "12.04", - "14.04" + "18.04", + "20.04", + "22.04" ] } ], "requirements": [ { "name": "puppet", - "version_requirement": ">=3.0.0 <4.0.0" - }, - { - "name": "pe", - "version_requirement": ">=3.0.0 <4.0.0" + "version_requirement": ">=6.1.0 <8.0.0" } ], "tags": [ @@ -62,6 +60,5 @@ "pgp" ], "dependencies": [ - ] } From 62f3bbd7081e5eca6029d91d1c94059414e1a631 Mon Sep 17 00:00:00 2001 From: Ewoud Kohl van Wijngaarden Date: Sun, 30 Oct 2022 13:34:27 +0100 Subject: [PATCH 11/16] Move tests directory to examples --- {tests => example}/gnupg_key.pp | 0 {tests => example}/init.pp | 0 2 files changed, 0 insertions(+), 0 deletions(-) rename {tests => example}/gnupg_key.pp (100%) rename {tests => example}/init.pp (100%) diff --git a/tests/gnupg_key.pp b/example/gnupg_key.pp similarity index 100% rename from tests/gnupg_key.pp rename to example/gnupg_key.pp diff --git a/tests/init.pp b/example/init.pp similarity index 100% rename from tests/init.pp rename to example/init.pp From 414c349ecd667fc5cacba7fdc0e5c7bd6ee81401 Mon Sep 17 00:00:00 2001 From: Ewoud Kohl van Wijngaarden Date: Sun, 30 Oct 2022 13:34:44 +0100 Subject: [PATCH 12/16] Stop escaping URLs URI.parse has been removed in Ruby 3. This puts the burden on the caller in Puppet to provide escaped URLs. --- lib/puppet/type/gnupg_key.rb | 11 ++++------- 1 file changed, 4 insertions(+), 7 deletions(-) diff --git a/lib/puppet/type/gnupg_key.rb b/lib/puppet/type/gnupg_key.rb index cf41983..eca4a3d 100644 --- a/lib/puppet/type/gnupg_key.rb +++ b/lib/puppet/type/gnupg_key.rb @@ -88,7 +88,7 @@ break if Puppet::Util.absolute_path?(source) begin - uri = URI.parse(URI.escape(source)) + uri = URI.parse(source) rescue => detail raise ArgumentError, "Could not understand source #{source}: #{detail}" end @@ -99,11 +99,8 @@ end munge do |source| - if %w{file}.include?(URI.parse(URI.escape(source)).scheme) - URI.parse(URI.escape(source)).path - else - source - end + parsed = URI.parse(source) + parsed.scheme == 'file' ? parsed.path : source end end @@ -113,7 +110,7 @@ validate do |server| if server - uri = URI.parse(URI.escape(server)) + uri = URI.parse(server) unless uri.is_a?(URI::HTTP) || uri.is_a?(URI::HTTPS) || uri.is_a?(URI::LDAP) || %w{hkp}.include?(uri.scheme) raise ArgumentError, "Invalid keyserver value #{server}" From 1c93b55207b502080442a4e41e31655e17e7f8c3 Mon Sep 17 00:00:00 2001 From: Ewoud Kohl van Wijngaarden Date: Sun, 30 Oct 2022 13:44:14 +0100 Subject: [PATCH 13/16] Use default node instead of master --- spec/acceptance/gnupg_key_install_spec.rb | 14 +++++++------- 1 file changed, 7 insertions(+), 7 deletions(-) diff --git a/spec/acceptance/gnupg_key_install_spec.rb b/spec/acceptance/gnupg_key_install_spec.rb index b514dd1..f97c4cc 100644 --- a/spec/acceptance/gnupg_key_install_spec.rb +++ b/spec/acceptance/gnupg_key_install_spec.rb @@ -80,7 +80,7 @@ it 'should delete a public key' do - scp_to master, 'files/random.public.key', '/tmp/random.public.key' + scp_to default, 'files/random.public.key', '/tmp/random.public.key' gpg("--import /tmp/random.public.key") {} pp = <<-EOS @@ -126,7 +126,7 @@ end it 'should install public key from a local file path' do - scp_to master, 'files/random.public.key', '/tmp/random.public.key' + scp_to default, 'files/random.public.key', '/tmp/random.public.key' pp = <<-EOS gnupg_key { 'add_key_by_local_file_path': @@ -152,7 +152,7 @@ end it 'should install public key from a local file URL address' do - scp_to master, 'files/random.public.key', '/tmp/random.public.key' + scp_to default, 'files/random.public.key', '/tmp/random.public.key' pp = <<-EOS gnupg_key { 'add_key_by_local_file_url': @@ -249,7 +249,7 @@ end it 'should install private key from a local file path' do - scp_to master, 'files/random.private.key', '/tmp/random.private.key' + scp_to default, 'files/random.private.key', '/tmp/random.private.key' pp = <<-EOS gnupg_key { 'add_private_key_by_local_file_path': @@ -275,7 +275,7 @@ end it 'should install private key from a local file URL address' do - scp_to master, 'files/random.private.key', '/tmp/random.private.key' + scp_to default, 'files/random.private.key', '/tmp/random.private.key' pp = <<-EOS gnupg_key { 'add_private_key_by_local_file_path': @@ -328,7 +328,7 @@ it 'should delete a private key' do # importing a private key imports the public key as well - scp_to master, 'files/random.private.key', '/tmp/random.private.key' + scp_to default, 'files/random.private.key', '/tmp/random.private.key' gpg("--import /tmp/random.private.key") {} pp = <<-EOS @@ -360,7 +360,7 @@ it 'should delete both public and private key for key_id' do # importing a private key imports the public key as well - scp_to master, 'files/random.private.key', '/tmp/random.private.key' + scp_to default, 'files/random.private.key', '/tmp/random.private.key' gpg("--import /tmp/random.private.key") {} pp = <<-EOS From d0cb58c601436b79316f4441552be6339e5456dc Mon Sep 17 00:00:00 2001 From: Ewoud Kohl van Wijngaarden Date: Sun, 30 Oct 2022 13:48:09 +0100 Subject: [PATCH 14/16] Avoid string literals in acceptance tests In modern Puppet this can result in it trying to interpret the key IDs as numbers --- spec/acceptance/gnupg_key_install_spec.rb | 90 +++++++++++------------ 1 file changed, 45 insertions(+), 45 deletions(-) diff --git a/spec/acceptance/gnupg_key_install_spec.rb b/spec/acceptance/gnupg_key_install_spec.rb index f97c4cc..692450b 100644 --- a/spec/acceptance/gnupg_key_install_spec.rb +++ b/spec/acceptance/gnupg_key_install_spec.rb @@ -11,7 +11,7 @@ gnupg_key { 'jenkins_key': ensure => present, user => 'root', - key_type => public, + key_type => 'public', key_source => 'http://pkg.jenkins-ci.org/debian/jenkins-ci.org.key', key_id => 'D50582E6', } @@ -35,7 +35,7 @@ gnupg_key { 'newrelic_key': ensure => present, user => 'root', - key_type => public, + key_type => 'public', key_source => 'https://download.newrelic.com/548C16BF.gpg', key_id => '548C16BF', } @@ -59,7 +59,7 @@ gnupg_key { 'root_key_foo': ensure => present, user => 'root', - key_type => public, + key_type => 'public', key_server => 'hkp://pgp.mit.edu/', key_id => '20BC0A86', } @@ -85,10 +85,10 @@ pp = <<-EOS gnupg_key { 'bye_bye_key': - ensure => absent, - user => root, - key_type => public, - key_id => 926FA9B9, + ensure => absent, + user => 'root', + key_type => 'public', + key_id => '926FA9B9', } EOS @@ -105,10 +105,10 @@ pp = <<-EOS gnupg_key { 'add_key_by_remote_source': ensure => present, - user => root, - key_type => public, - key_id => 926FA9B9, - key_source => "puppet:///modules/gnupg/random.public.key", + user => 'root', + key_type => 'public', + key_id => '926FA9B9', + key_source => 'puppet:///modules/gnupg/random.public.key', } EOS @@ -131,10 +131,10 @@ pp = <<-EOS gnupg_key { 'add_key_by_local_file_path': ensure => present, - user => root, - key_type => public, - key_id => 926FA9B9, - key_source => "/tmp/random.public.key", + user => 'root', + key_type => 'public', + key_id => '926FA9B9', + key_source => '/tmp/random.public.key', } EOS @@ -157,10 +157,10 @@ pp = <<-EOS gnupg_key { 'add_key_by_local_file_url': ensure => present, - user => root, - key_type => public, - key_id => 926FA9B9, - key_source => "file:///tmp/random.public.key", + user => 'root', + key_type => 'public', + key_id => '926FA9B9', + key_source => 'file:///tmp/random.public.key', } EOS @@ -183,10 +183,10 @@ pp = <<-EOS gnupg_key { 'public_key_from_string_content': ensure => present, - user => root, - key_id => 926FA9B9, - key_type => public, - key_content => "#{key}" + user => 'root', + key_id => '926FA9B9', + key_type => 'public', + key_content => '#{key}', } EOS @@ -210,10 +210,10 @@ pp = <<-EOS gnupg_key { 'public_key_from_invalid_string_content': ensure => present, - user => root, - key_id => 926FA9B9, - key_type => public, - key_content => "#{key}" + user => 'root', + key_id => '926FA9B9', + key_type => 'public', + key_content => '#{key}', } EOS @@ -225,7 +225,7 @@ gnupg_key { 'jenkins_key': ensure => present, user => 'root', - key_type => public, + key_type => 'public', key_source => '/santa/claus/does/not/exists/org/sorry/kids.key', key_id => '40404040', } @@ -239,7 +239,7 @@ gnupg_key { 'jenkins_key': ensure => present, user => 'root', - key_type => public, + key_type => 'public', key_source => 'http://foo.com/key-not-there.key', key_id => '40404040', } @@ -254,9 +254,9 @@ pp = <<-EOS gnupg_key { 'add_private_key_by_local_file_path': ensure => present, - user => root, - key_id => 926FA9B9, - key_type => private, + user => 'root', + key_id => '926FA9B9', + key_type => 'private', key_source => '/tmp/random.private.key' } EOS @@ -280,9 +280,9 @@ pp = <<-EOS gnupg_key { 'add_private_key_by_local_file_path': ensure => present, - user => root, - key_id => 926FA9B9, - key_type => private, + user => 'root', + key_id => '926FA9B9', + key_type => 'private', key_source => 'file:///tmp/random.private.key' } EOS @@ -306,10 +306,10 @@ pp = <<-EOS gnupg_key { 'private_key_from_string_content': ensure => present, - user => root, - key_id => 926FA9B9, - key_type => private, - key_content => "#{key}" + user => 'root', + key_id => '926FA9B9', + key_type => 'private', + key_content => '#{key}', } EOS @@ -334,9 +334,9 @@ pp = <<-EOS gnupg_key { 'bye_bye_key': ensure => absent, - user => root, - key_id => 926FA9B9, - key_type => private + user => 'root', + key_id => '926FA9B9', + key_type => 'private', } EOS @@ -366,9 +366,9 @@ pp = <<-EOS gnupg_key { 'bye_bye_key': ensure => absent, - user => root, - key_id => 926FA9B9, - key_type => both + user => 'root', + key_id => '926FA9B9', + key_type => 'both', } EOS From d93c04cd95ad1c076d376bfe56214f39a7311637 Mon Sep 17 00:00:00 2001 From: Ewoud Kohl van Wijngaarden Date: Sun, 8 Jan 2023 16:52:16 +0100 Subject: [PATCH 15/16] Clean up README.md --- README.md | 163 ++++++++++++++---------------------------------------- 1 file changed, 40 insertions(+), 123 deletions(-) diff --git a/README.md b/README.md index 3b5242d..3faccef 100644 --- a/README.md +++ b/README.md @@ -1,36 +1,36 @@ -#GnuPG puppet module +# GnuPG puppet module -####Table of Contents +#### Table of Contents 1. [Overview](##overview) 2. [Installation](##Installation) -3. [Usage - Configuration options and additional functionality](@#usage) +3. [Usage - Configuration options and additional functionality](##usage) 4. [Reference - An under-the-hood peek at what the module is doing and how](##reference) 5. [Limitations - OS compatibility, etc.](##limitations) 6. [Development - Guide for contributing to the module](##development) 7. [License](##license) -##Overview +## Overview Install GnuPG on Ubuntu/Debian/RedHat/CentOS/Amazon AMI and manage users public keys. -Tested with Tavis CI +[![Puppet Forge](http://img.shields.io/puppetforge/v/golja/gnupg.svg)](https://forge.puppetlabs.com/golja/gnupg) -NOTE: For puppet 2.7.x supported module please use version 0.X.X +## Installation -[![Build Status](https://travis-ci.org/n1tr0g/golja-gnupg.png)](https://travis-ci.org/n1tr0g/golja-gnupg) [![Puppet Forge](http://img.shields.io/puppetforge/v/golja/gnupg.svg)](https://forge.puppetlabs.com/golja/gnupg) - -##Installation - - $ puppet module install golja/gnupg +```console +$ puppet module install golja/gnupg +``` -##Usage +## Usage -####Install GnuPG package +#### Install GnuPG package - include '::gnupg' +```puppet +include gnupg +``` -####Add public key 20BC0A86 from PGP server from hkp://pgp.mit.edu/ to user root +#### Add public key 20BC0A86 from PGP server from hkp://pgp.mit.edu/ to user root ```puppet gnupg_key { 'hkp_server_20BC0A86': @@ -42,7 +42,7 @@ gnupg_key { 'hkp_server_20BC0A86': } ``` -####Add public key D50582E6 from standard http URI to user foo +#### Add public key D50582E6 from standard http URI to user foo ```puppet gnupg_key { 'jenkins_foo_key': @@ -54,7 +54,7 @@ gnupg_key { 'jenkins_foo_key': } ``` -####Add public key D50582E6 from puppet fileserver to user foo +#### Add public key D50582E6 from puppet fileserver to user foo ```puppet gnupg_key { 'jenkins_foo_key': @@ -66,7 +66,7 @@ gnupg_key { 'jenkins_foo_key': } ``` -####Add public key D50582E6 from puppet fileserver to user bar via a string value +#### Add public key D50582E6 from puppet fileserver to user bar via a string value ```puppet gnupg_key { 'jenkins_foo_key': @@ -79,7 +79,7 @@ gnupg_key { 'jenkins_foo_key': ``` *Note*: You should use hiera lookup to get the key content -####Remove public key 20BC0A86 from user root +#### Remove public key 20BC0A86 from user root ```puppet gnupg_key {'root_remove': @@ -90,7 +90,7 @@ gnupg_key {'root_remove': } ``` -###Remove both private and public key 20BC0A66 +### Remove both private and public key 20BC0A66 ```puppet gnupg_key {'root_remove': @@ -101,125 +101,42 @@ gnupg_key {'root_remove': } ``` -##Reference - -###Classes - -####gnupg - -#####`package_ensure` - -Valid value present/absent. In most cases you should never uninstall this package, -because most of the modern Linux distros rely on gnupg for package verification, etc -Default: present - -#####`package_name` - -Name of the GnuPG package. Default value determined by $::osfamily/$::operatingsystem facts - -####gnupg_key - -#####`ensure` - -**REQUIRED** - Valid value present/absent - -#####`user` - -**REQUIRED** - System username for who to store the public key. Also define the location of the -pubring (default ${HOME}/.gnupg/) - -#####`key_id` - -**REQUIRED** - Key ID. Usually the traditional 8-character key ID. Also accepted the -long more accurate (but less convenient) 16-character key ID. Accept only hexadecimal -values. - -#####`key_source` - -**REQUIRED** if `key_server` or `key_content` is not defined and `ensure` is present. -A source file containing PGP key. Values can be URIs pointing to remote files, -or fully qualified paths to files available on the local system. - -The available URI schemes are *puppet*, *https*, *http* and *file*. *Puppet* -URIs will retrieve files from Puppet's built-in file server, and are -usually formatted as: - -puppet:///modules/name_of_module/filename - -#####`key_server` +### Reference -**REQUIRED** if `key_source` or `key_content` is not defined and `ensure` is present. - -PGP key server from where to retrieve the public key. Valid URI schemes are -*http*, *https*, *ldap* and *hkp*. - -#####`key_content` - -**REQUIRED** if `key_server` or `key_source` is not defined and `ensure` is present. - -Provide the content of the key as a string. This is useful when the key is stored as a -hiera property and the consumer doesn't want to have to write that content to a file -before the gnupg_key resource executes. - - -#####`key_type` - -**OPTIONAL** - key type. Valid values (public|private|both). Default: public - -#####`proxy` - -**OPTIONAL** - use a http proxy url to access the keyserver, for example: http://proxy.corp.domain:80. Default: undef +Please see `REFERENCE.md`. ### Tests -There are two types of tests distributed with the module. Unit tests with rspec-puppet and system tests using rspec-system or beaker. - -For unit testing, make sure you have: - -* rake -* bundler +There are two types of tests distributed with the module. Unit tests with rspec-puppet and acceptance tests using Beaker. -Install the necessary gems: +For unit testing, make sure you have Ruby and bundler installed. Then install the necessary gems: - bundle install --path=vendor +```bash +bundle install --path=vendor +``` And then run the unit tests: - bundle exec rake spec - - -If you want to run the system tests, make sure you also have: - -* vagrant > 1.3.x -* Virtualbox > 4.2.10 - -Then run the tests using: - - bundle exec rake spec:system - -To run the tests on different operating systems, see the sets available in .nodeset.yml and run the specific set with the following syntax: - - RSPEC_SET=debian-607-x64 bundle exec rake spec:system +```bash +bundle exec rake spec +``` -Alernatively you can run beaker tests using: +To run the acceptance tests, for example on CentOS Stream 9: - bundle exec rake beaker +```bash +BEAKER_setfile=centos9-64 bundle exec rake acceptance +``` -##Limitations +See [voxpupuli-test](https://github.com/voxpupuli/voxpupuli-test#readme) and [voxpupuli-acceptance](https://github.com/voxpupuli/voxpupuli-acceptance#readme) for more details. -This module has been tested on: +## Limitations -* Debian 6/7 -* Ubuntu 12+ -* RedHat 5/6/7 -* CentOS 5/6/7 -* Amazon AMI +Please see `metadata.json` for OS and Puppet compatibility. -##Development +## Development -Please see CONTRIBUTING.md +Please see `CONTRIBUTING.md`. ## License -See LICENSE file - +See `LICENSE` file. From fd666210482f8a000a2fd7919f5c1c3d7238413f Mon Sep 17 00:00:00 2001 From: Ewoud Kohl van Wijngaarden Date: Sun, 8 Jan 2023 16:52:29 +0100 Subject: [PATCH 16/16] Update acceptance tests --- spec/acceptance/gnupg_key_install_spec.rb | 19 ++++++++++--------- 1 file changed, 10 insertions(+), 9 deletions(-) diff --git a/spec/acceptance/gnupg_key_install_spec.rb b/spec/acceptance/gnupg_key_install_spec.rb index 692450b..026daa0 100644 --- a/spec/acceptance/gnupg_key_install_spec.rb +++ b/spec/acceptance/gnupg_key_install_spec.rb @@ -6,14 +6,15 @@ apply_manifest(pp, :catch_failures => true) end + # Technically this HTTP key redirects to HTTPS it 'should install a public key from a http URL address' do pp = <<-EOS gnupg_key { 'jenkins_key': ensure => present, user => 'root', key_type => 'public', - key_source => 'http://pkg.jenkins-ci.org/debian/jenkins-ci.org.key', - key_id => 'D50582E6', + key_source => 'http://pkg.jenkins.io/debian/jenkins.io.key', + key_id => '62A9756BFD780C377CF24BA8FCEF32E745F2C3D5', } EOS @@ -21,8 +22,8 @@ apply_manifest(pp, :catch_changes => true) # check that gnupg installed the key - gpg("--list-keys D50582E6") do |r| - expect(r.stdout).to match(/D50582E6/) + gpg("--list-keys 62A9756BFD780C377CF24BA8FCEF32E745F2C3D5") do |r| + expect(r.stdout).to match(/62A9756BFD780C377CF24BA8FCEF32E745F2C3D5/) expect(r.exit_code).to eq(0) end @@ -36,8 +37,8 @@ ensure => present, user => 'root', key_type => 'public', - key_source => 'https://download.newrelic.com/548C16BF.gpg', - key_id => '548C16BF', + key_source => 'https://download.newrelic.com/infrastructure_agent/gpg/newrelic-infra.gpg', + key_id => 'A758B3FBCD43BE8D123A3476BB29EE038ECCE87C', } EOS @@ -45,13 +46,13 @@ apply_manifest(pp, :catch_changes => true) # check that gnupg installed the key - gpg("--list-keys 548C16BF") do |r| - expect(r.stdout).to match(/548C16BF/) + gpg("--list-keys A758B3FBCD43BE8D123A3476BB29EE038ECCE87C") do |r| + expect(r.stdout).to match(/A758B3FBCD43BE8D123A3476BB29EE038ECCE87C/) expect(r.exit_code).to eq(0) end # clean up - gpg("--batch --delete-key B60A3EC9BC013B9C23790EC8B31B29E5548C16BF") {} + gpg("--batch --delete-key A758B3FBCD43BE8D123A3476BB29EE038ECCE87C") {} end it 'should install a public key from a key server' do