diff --git a/.fixtures.yml b/.fixtures.yml
new file mode 100644
index 0000000..2296adb
--- /dev/null
+++ b/.fixtures.yml
@@ -0,0 +1,6 @@
+# This file can be used to install module dependencies for unit testing
+# See https://github.com/puppetlabs/puppetlabs_spec_helper#using-fixtures for details
+---
+fixtures:
+ forge_modules:
+# stdlib: "puppetlabs/stdlib"
diff --git a/.gitattributes b/.gitattributes
new file mode 100644
index 0000000..9032a01
--- /dev/null
+++ b/.gitattributes
@@ -0,0 +1,5 @@
+*.rb eol=lf
+*.erb eol=lf
+*.pp eol=lf
+*.sh eol=lf
+*.epp eol=lf
diff --git a/.github/workflows/puppet-lint.yml b/.github/workflows/puppet-lint.yml
new file mode 100644
index 0000000..456468c
--- /dev/null
+++ b/.github/workflows/puppet-lint.yml
@@ -0,0 +1,11 @@
+name: Puppet Lint on: [push] jobs:
+ puppet-lint:
+ runs-on: ubuntu-latest
+ steps:
+ - name: Checkout
+ uses: actions/checkout@v2
+ - name: puppet-lint
+ uses: scottbrenner/puppet-lint-action@master
+ with:
+ args: ./
+
diff --git a/.gitignore b/.gitignore
index 5fff1d9..1bacca8 100644
--- a/.gitignore
+++ b/.gitignore
@@ -1 +1,28 @@
-pkg
+.git/
+.*.sw[op]
+.metadata
+.yardoc
+.yardwarns
+*.iml
+/.bundle/
+/.idea/
+/.vagrant/
+/coverage/
+/bin/
+/doc/
+/Gemfile.local
+/Gemfile.lock
+/junit/
+/log/
+/pkg/
+/spec/fixtures/manifests/
+/spec/fixtures/modules/
+/tmp/
+/vendor/
+/convert_report.txt
+/update_report.txt
+.DS_Store
+.project
+.envrc
+/inventory.yaml
+.vscode
diff --git a/.pdkignore b/.pdkignore
new file mode 100644
index 0000000..e6215cd
--- /dev/null
+++ b/.pdkignore
@@ -0,0 +1,42 @@
+.git/
+.*.sw[op]
+.metadata
+.yardoc
+.yardwarns
+*.iml
+/.bundle/
+/.idea/
+/.vagrant/
+/coverage/
+/bin/
+/doc/
+/Gemfile.local
+/Gemfile.lock
+/junit/
+/log/
+/pkg/
+/spec/fixtures/manifests/
+/spec/fixtures/modules/
+/tmp/
+/vendor/
+/convert_report.txt
+/update_report.txt
+.DS_Store
+.project
+.envrc
+/inventory.yaml
+/appveyor.yml
+/.fixtures.yml
+/Gemfile
+/.gitattributes
+/.gitignore
+/.gitlab-ci.yml
+/.pdkignore
+/Rakefile
+/rakelib/
+/.rspec
+/.rubocop.yml
+/.travis.yml
+/.yardopts
+/spec/
+/.vscode/
diff --git a/.project b/.project
deleted file mode 100644
index 5ba70cb..0000000
--- a/.project
+++ /dev/null
@@ -1,25 +0,0 @@
-
-
- argus
-
-
- puppet-concat
- puppetlabs-stdlib
-
-
-
- org.cloudsmith.geppetto.pp.dsl.ui.modulefileBuilder
-
-
-
-
- org.eclipse.xtext.ui.shared.xtextBuilder
-
-
-
-
-
- org.cloudsmith.geppetto.pp.dsl.ui.puppetNature
- org.eclipse.xtext.ui.shared.xtextNature
-
-
diff --git a/.puppet-lint.rc b/.puppet-lint.rc
new file mode 100644
index 0000000..cc96ece
--- /dev/null
+++ b/.puppet-lint.rc
@@ -0,0 +1 @@
+--relative
diff --git a/.rspec b/.rspec
new file mode 100644
index 0000000..16f9cdb
--- /dev/null
+++ b/.rspec
@@ -0,0 +1,2 @@
+--color
+--format documentation
diff --git a/.rubocop.yml b/.rubocop.yml
new file mode 100644
index 0000000..5307849
--- /dev/null
+++ b/.rubocop.yml
@@ -0,0 +1,137 @@
+---
+require:
+- rubocop-rspec
+- rubocop-i18n
+AllCops:
+ DisplayCopNames: true
+ TargetRubyVersion: '2.1'
+ Include:
+ - "./**/*.rb"
+ Exclude:
+ - bin/*
+ - ".vendor/**/*"
+ - "**/Gemfile"
+ - "**/Rakefile"
+ - pkg/**/*
+ - spec/fixtures/**/*
+ - vendor/**/*
+ - "**/Puppetfile"
+ - "**/Vagrantfile"
+ - "**/Guardfile"
+Metrics/LineLength:
+ Description: People have wide screens, use them.
+ Max: 200
+GetText:
+ Enabled: false
+GetText/DecorateString:
+ Description: We don't want to decorate test output.
+ Exclude:
+ - spec/**/*
+ Enabled: false
+RSpec/BeforeAfterAll:
+ Description: Beware of using after(:all) as it may cause state to leak between tests.
+ A necessary evil in acceptance testing.
+ Exclude:
+ - spec/acceptance/**/*.rb
+RSpec/HookArgument:
+ Description: Prefer explicit :each argument, matching existing module's style
+ EnforcedStyle: each
+Style/BlockDelimiters:
+ Description: Prefer braces for chaining. Mostly an aesthetical choice. Better to
+ be consistent then.
+ EnforcedStyle: braces_for_chaining
+Style/BracesAroundHashParameters:
+ Description: Braces are required by Ruby 2.7. Cop removed from RuboCop v0.80.0.
+ See https://github.com/rubocop-hq/rubocop/pull/7643
+ Enabled: true
+Style/ClassAndModuleChildren:
+ Description: Compact style reduces the required amount of indentation.
+ EnforcedStyle: compact
+Style/EmptyElse:
+ Description: Enforce against empty else clauses, but allow `nil` for clarity.
+ EnforcedStyle: empty
+Style/FormatString:
+ Description: Following the main puppet project's style, prefer the % format format.
+ EnforcedStyle: percent
+Style/FormatStringToken:
+ Description: Following the main puppet project's style, prefer the simpler template
+ tokens over annotated ones.
+ EnforcedStyle: template
+Style/Lambda:
+ Description: Prefer the keyword for easier discoverability.
+ EnforcedStyle: literal
+Style/RegexpLiteral:
+ Description: Community preference. See https://github.com/voxpupuli/modulesync_config/issues/168
+ EnforcedStyle: percent_r
+Style/TernaryParentheses:
+ Description: Checks for use of parentheses around ternary conditions. Enforce parentheses
+ on complex expressions for better readability, but seriously consider breaking
+ it up.
+ EnforcedStyle: require_parentheses_when_complex
+Style/TrailingCommaInArguments:
+ Description: Prefer always trailing comma on multiline argument lists. This makes
+ diffs, and re-ordering nicer.
+ EnforcedStyleForMultiline: comma
+Style/TrailingCommaInLiteral:
+ Description: Prefer always trailing comma on multiline literals. This makes diffs,
+ and re-ordering nicer.
+ EnforcedStyleForMultiline: comma
+Style/SymbolArray:
+ Description: Using percent style obscures symbolic intent of array's contents.
+ EnforcedStyle: brackets
+RSpec/MessageSpies:
+ EnforcedStyle: receive
+Style/Documentation:
+ Exclude:
+ - lib/puppet/parser/functions/**/*
+ - spec/**/*
+Style/WordArray:
+ EnforcedStyle: brackets
+Style/CollectionMethods:
+ Enabled: true
+Style/MethodCalledOnDoEndBlock:
+ Enabled: true
+Style/StringMethods:
+ Enabled: true
+GetText/DecorateFunctionMessage:
+ Enabled: false
+GetText/DecorateStringFormattingUsingInterpolation:
+ Enabled: false
+GetText/DecorateStringFormattingUsingPercent:
+ Enabled: false
+Layout/EndOfLine:
+ Enabled: false
+Layout/IndentHeredoc:
+ Enabled: false
+Metrics/AbcSize:
+ Enabled: false
+Metrics/BlockLength:
+ Enabled: false
+Metrics/ClassLength:
+ Enabled: false
+Metrics/CyclomaticComplexity:
+ Enabled: false
+Metrics/MethodLength:
+ Enabled: false
+Metrics/ModuleLength:
+ Enabled: false
+Metrics/ParameterLists:
+ Enabled: false
+Metrics/PerceivedComplexity:
+ Enabled: false
+RSpec/DescribeClass:
+ Enabled: false
+RSpec/ExampleLength:
+ Enabled: false
+RSpec/MessageExpectation:
+ Enabled: false
+RSpec/MultipleExpectations:
+ Enabled: false
+RSpec/NestedGroups:
+ Enabled: false
+Style/AsciiComments:
+ Enabled: false
+Style/IfUnlessModifier:
+ Enabled: false
+Style/SymbolProc:
+ Enabled: false
diff --git a/.travis.yml b/.travis.yml
new file mode 100644
index 0000000..68d3e96
--- /dev/null
+++ b/.travis.yml
@@ -0,0 +1,49 @@
+---
+os: linux
+dist: xenial
+language: ruby
+cache: bundler
+before_install:
+ - bundle -v
+ - rm -f Gemfile.lock
+ - "# Update system gems if requested. This is useful to temporarily workaround troubles in the test runner"
+ - "# See https://github.com/puppetlabs/pdk-templates/commit/705154d5c437796b821691b707156e1b056d244f for an example of how this was used"
+ - "# Ignore exit code of SIGPIPE'd yes to not fail with shell's pipefail set"
+ - '[ -z "$RUBYGEMS_VERSION" ] || (yes || true) | gem update --system $RUBYGEMS_VERSION'
+ - gem --version
+ - bundle -v
+script:
+ - 'bundle exec rake $CHECK'
+bundler_args: --without system_tests
+rvm:
+ - 2.5.7
+stages:
+ - static
+ - spec
+ - acceptance
+ -
+ if: tag =~ ^v\d
+ name: deploy
+jobs:
+ fast_finish: true
+ include:
+ -
+ env: CHECK="check:symlinks check:git_ignore check:dot_underscore check:test_file rubocop syntax lint metadata_lint"
+ stage: static
+ -
+ env: PUPPET_GEM_VERSION="~> 5.0" CHECK=parallel_spec
+ rvm: 2.4.5
+ stage: spec
+ -
+ env: PUPPET_GEM_VERSION="~> 6.0" CHECK=parallel_spec
+ rvm: 2.5.7
+ stage: spec
+ -
+ env: DEPLOY_TO_FORGE=yes
+ stage: deploy
+branches:
+ only:
+ - master
+ - /^v\d/
+notifications:
+ email: false
diff --git a/.yardopts b/.yardopts
new file mode 100644
index 0000000..29c933b
--- /dev/null
+++ b/.yardopts
@@ -0,0 +1 @@
+--markup markdown
diff --git a/CHANGELOG b/CHANGELOG.md
similarity index 71%
rename from CHANGELOG
rename to CHANGELOG.md
index bd8c6db..4d95c6e 100644
--- a/CHANGELOG
+++ b/CHANGELOG.md
@@ -1,3 +1,7 @@
+2020-07
+ * Puppet 6 compatibility
+ * migration to PDK build
+
2017-01 Frederic Schaer
* huge cleanup. argus 1.7 compliance. Almost a rewrite.
diff --git a/Gemfile b/Gemfile
new file mode 100644
index 0000000..8007ad0
--- /dev/null
+++ b/Gemfile
@@ -0,0 +1,72 @@
+source ENV['GEM_SOURCE'] || 'https://rubygems.org'
+
+def location_for(place_or_version, fake_version = nil)
+ git_url_regex = %r{\A(?(https?|git)[:@][^#]*)(#(?.*))?}
+ file_url_regex = %r{\Afile:\/\/(?.*)}
+
+ if place_or_version && (git_url = place_or_version.match(git_url_regex))
+ [fake_version, { git: git_url[:url], branch: git_url[:branch], require: false }].compact
+ elsif place_or_version && (file_url = place_or_version.match(file_url_regex))
+ ['>= 0', { path: File.expand_path(file_url[:path]), require: false }]
+ else
+ [place_or_version, { require: false }]
+ end
+end
+
+ruby_version_segments = Gem::Version.new(RUBY_VERSION.dup).segments
+minor_version = ruby_version_segments[0..1].join('.')
+
+group :development do
+ gem "fast_gettext", '1.1.0', require: false if Gem::Version.new(RUBY_VERSION.dup) < Gem::Version.new('2.1.0')
+ gem "fast_gettext", require: false if Gem::Version.new(RUBY_VERSION.dup) >= Gem::Version.new('2.1.0')
+ gem "json_pure", '<= 2.0.1', require: false if Gem::Version.new(RUBY_VERSION.dup) < Gem::Version.new('2.0.0')
+ gem "json", '= 1.8.1', require: false if Gem::Version.new(RUBY_VERSION.dup) == Gem::Version.new('2.1.9')
+ gem "json", '= 2.0.4', require: false if Gem::Requirement.create('~> 2.4.2').satisfied_by?(Gem::Version.new(RUBY_VERSION.dup))
+ gem "json", '= 2.1.0', require: false if Gem::Requirement.create(['>= 2.5.0', '< 2.7.0']).satisfied_by?(Gem::Version.new(RUBY_VERSION.dup))
+ gem "rb-readline", '= 0.5.5', require: false, platforms: [:mswin, :mingw, :x64_mingw]
+ gem "puppet-module-posix-default-r#{minor_version}", '~> 0.4', require: false, platforms: [:ruby]
+ gem "puppet-module-posix-dev-r#{minor_version}", '~> 0.4', require: false, platforms: [:ruby]
+ gem "puppet-module-win-default-r#{minor_version}", '~> 0.4', require: false, platforms: [:mswin, :mingw, :x64_mingw]
+ gem "puppet-module-win-dev-r#{minor_version}", '~> 0.4', require: false, platforms: [:mswin, :mingw, :x64_mingw]
+end
+
+puppet_version = ENV['PUPPET_GEM_VERSION']
+facter_version = ENV['FACTER_GEM_VERSION']
+hiera_version = ENV['HIERA_GEM_VERSION']
+
+gems = {}
+
+gems['puppet'] = location_for(puppet_version)
+
+# If facter or hiera versions have been specified via the environment
+# variables
+
+gems['facter'] = location_for(facter_version) if facter_version
+gems['hiera'] = location_for(hiera_version) if hiera_version
+
+if Gem.win_platform? && puppet_version =~ %r{^(file:///|git://)}
+ # If we're using a Puppet gem on Windows which handles its own win32-xxx gem
+ # dependencies (>= 3.5.0), set the maximum versions (see PUP-6445).
+ gems['win32-dir'] = ['<= 0.4.9', require: false]
+ gems['win32-eventlog'] = ['<= 0.6.5', require: false]
+ gems['win32-process'] = ['<= 0.7.5', require: false]
+ gems['win32-security'] = ['<= 0.2.5', require: false]
+ gems['win32-service'] = ['0.8.8', require: false]
+end
+
+gems.each do |gem_name, gem_params|
+ gem gem_name, *gem_params
+end
+
+# Evaluate Gemfile.local and ~/.gemfile if they exist
+extra_gemfiles = [
+ "#{__FILE__}.local",
+ File.join(Dir.home, '.gemfile'),
+]
+
+extra_gemfiles.each do |gemfile|
+ if File.file?(gemfile) && File.readable?(gemfile)
+ eval(File.read(gemfile), binding)
+ end
+end
+# vim: syntax=ruby
diff --git a/Modulefile b/Modulefile
index 00e53f9..fc1e67d 100644
--- a/Modulefile
+++ b/Modulefile
@@ -1,5 +1,5 @@
name 'heppuppet-argus'
-version '0.0.1'
+version '1.0.0'
author 'schwicke'
license 'Apache License, Version 2.0 (the "License")'
diff --git a/README b/README.md
similarity index 100%
rename from README
rename to README.md
diff --git a/Rakefile b/Rakefile
new file mode 100644
index 0000000..0a5093b
--- /dev/null
+++ b/Rakefile
@@ -0,0 +1,87 @@
+# frozen_string_literal: true
+
+require 'puppet_litmus/rake_tasks' if Bundler.rubygems.find_name('puppet_litmus').any?
+require 'puppetlabs_spec_helper/rake_tasks'
+require 'puppet-syntax/tasks/puppet-syntax'
+require 'puppet_blacksmith/rake_tasks' if Bundler.rubygems.find_name('puppet-blacksmith').any?
+require 'github_changelog_generator/task' if Bundler.rubygems.find_name('github_changelog_generator').any?
+require 'puppet-strings/tasks' if Bundler.rubygems.find_name('puppet-strings').any?
+
+def changelog_user
+ return unless Rake.application.top_level_tasks.include? "changelog"
+ returnVal = nil || JSON.load(File.read('metadata.json'))['author']
+ raise "unable to find the changelog_user in .sync.yml, or the author in metadata.json" if returnVal.nil?
+ puts "GitHubChangelogGenerator user:#{returnVal}"
+ returnVal
+end
+
+def changelog_project
+ return unless Rake.application.top_level_tasks.include? "changelog"
+
+ returnVal = nil
+ returnVal ||= begin
+ metadata_source = JSON.load(File.read('metadata.json'))['source']
+ metadata_source_match = metadata_source && metadata_source.match(%r{.*\/([^\/]*?)(?:\.git)?\Z})
+
+ metadata_source_match && metadata_source_match[1]
+ end
+
+ raise "unable to find the changelog_project in .sync.yml or calculate it from the source in metadata.json" if returnVal.nil?
+
+ puts "GitHubChangelogGenerator project:#{returnVal}"
+ returnVal
+end
+
+def changelog_future_release
+ return unless Rake.application.top_level_tasks.include? "changelog"
+ returnVal = "v%s" % JSON.load(File.read('metadata.json'))['version']
+ raise "unable to find the future_release (version) in metadata.json" if returnVal.nil?
+ puts "GitHubChangelogGenerator future_release:#{returnVal}"
+ returnVal
+end
+
+PuppetLint.configuration.send('disable_relative')
+
+if Bundler.rubygems.find_name('github_changelog_generator').any?
+ GitHubChangelogGenerator::RakeTask.new :changelog do |config|
+ raise "Set CHANGELOG_GITHUB_TOKEN environment variable eg 'export CHANGELOG_GITHUB_TOKEN=valid_token_here'" if Rake.application.top_level_tasks.include? "changelog" and ENV['CHANGELOG_GITHUB_TOKEN'].nil?
+ config.user = "#{changelog_user}"
+ config.project = "#{changelog_project}"
+ config.future_release = "#{changelog_future_release}"
+ config.exclude_labels = ['maintenance']
+ config.header = "# Change log\n\nAll notable changes to this project will be documented in this file. The format is based on [Keep a Changelog](http://keepachangelog.com/en/1.0.0/) and this project adheres to [Semantic Versioning](http://semver.org)."
+ config.add_pr_wo_labels = true
+ config.issues = false
+ config.merge_prefix = "### UNCATEGORIZED PRS; LABEL THEM ON GITHUB"
+ config.configure_sections = {
+ "Changed" => {
+ "prefix" => "### Changed",
+ "labels" => ["backwards-incompatible"],
+ },
+ "Added" => {
+ "prefix" => "### Added",
+ "labels" => ["enhancement", "feature"],
+ },
+ "Fixed" => {
+ "prefix" => "### Fixed",
+ "labels" => ["bug", "documentation", "bugfix"],
+ },
+ }
+ end
+else
+ desc 'Generate a Changelog from GitHub'
+ task :changelog do
+ raise < 1.15'
+ condition: "Gem::Version.new(RUBY_VERSION.dup) >= Gem::Version.new('2.3.0')"
+EOM
+ end
+end
+
diff --git a/appveyor.yml b/appveyor.yml
new file mode 100644
index 0000000..ec38949
--- /dev/null
+++ b/appveyor.yml
@@ -0,0 +1,56 @@
+---
+version: 1.1.x.{build}
+branches:
+ only:
+ - master
+ - release
+skip_commits:
+ message: /^\(?doc\)?.*/
+clone_depth: 10
+init:
+ - SET
+ - 'mkdir C:\ProgramData\PuppetLabs\code && exit 0'
+ - 'mkdir C:\ProgramData\PuppetLabs\facter && exit 0'
+ - 'mkdir C:\ProgramData\PuppetLabs\hiera && exit 0'
+ - 'mkdir C:\ProgramData\PuppetLabs\puppet\var && exit 0'
+environment:
+ matrix:
+ -
+ RUBY_VERSION: 24-x64
+ CHECK: syntax lint metadata_lint check:symlinks check:git_ignore check:dot_underscore check:test_file rubocop
+ -
+ PUPPET_GEM_VERSION: ~> 5.0
+ RUBY_VERSION: 24
+ CHECK: parallel_spec
+ -
+ PUPPET_GEM_VERSION: ~> 5.0
+ RUBY_VERSION: 24-x64
+ CHECK: parallel_spec
+ -
+ PUPPET_GEM_VERSION: ~> 6.0
+ RUBY_VERSION: 25
+ CHECK: parallel_spec
+ -
+ PUPPET_GEM_VERSION: ~> 6.0
+ RUBY_VERSION: 25-x64
+ CHECK: parallel_spec
+matrix:
+ fast_finish: true
+install:
+ - set PATH=C:\Ruby%RUBY_VERSION%\bin;%PATH%
+ - bundle install --jobs 4 --retry 2 --without system_tests
+ - type Gemfile.lock
+build: off
+test_script:
+ - bundle exec puppet -V
+ - ruby -v
+ - gem -v
+ - bundle -v
+ - bundle exec rake %CHECK%
+notifications:
+ - provider: Email
+ to:
+ - nobody@nowhere.com
+ on_build_success: false
+ on_build_failure: false
+ on_build_status_changed: false
diff --git a/data/common.yaml b/data/common.yaml
new file mode 100644
index 0000000..2fbf0ff
--- /dev/null
+++ b/data/common.yaml
@@ -0,0 +1 @@
+--- {}
diff --git a/lib/puppet/parser/functions/randompass.rb b/lib/puppet/parser/functions/randompass.rb
index e3d2a3e..59f6580 100644
--- a/lib/puppet/parser/functions/randompass.rb
+++ b/lib/puppet/parser/functions/randompass.rb
@@ -1,14 +1,15 @@
-module Puppet::Parser::Functions
- newfunction(:randompass, :type => :rvalue, :doc =><<-EOS
-This function returns a random password
-EOS
- ) do |args|
- $length = 10
- $allowed = []
- ('!'..'Z').each { |c| $allowed << c}
- ('a'..'z').each { |c| $allowed << c}
- value = ""
- $length.times{value << $allowed[rand($allowed.length)]}
- return value
+# Creates random password
+Puppet::Parser::Functions.create_function(:randompass) do
+ # @return [String] random password
+ # @example
+ # randompass() => '!@#sfsdf'
+ def randompass
+ length = 10
+ allowed = []
+ ('!'..'Z').each { |c| allowed << c }
+ ('a'..'z').each { |c| allowed << c }
+ value = ''
+ length.times { value << allowed[rand(allowed.length)] }
+ value
end
end
diff --git a/manifests/bdii.pp b/manifests/bdii.pp
index cb84ba6..9488841 100644
--- a/manifests/bdii.pp
+++ b/manifests/bdii.pp
@@ -4,40 +4,40 @@
#
include ::bdii
- file {"/var/lib/bdii/gip/provider/glite-info-glue2-provider-service-argus":
- ensure => file,
- owner => "ldap",
- group => "ldap",
- mode => '0755',
- content => template("argus/glite-info-glue2-provider-service-argus.erb"),
+ file {'/var/lib/bdii/gip/provider/glite-info-glue2-provider-service-argus':
+ ensure => file,
+ owner => 'ldap',
+ group => 'ldap',
+ mode => '0755',
+ content => template('argus/glite-info-glue2-provider-service-argus.erb'),
require => Package['bdii'],
}
- file {"/etc/argus/info-glue2/glite-info-glue2-argus-pep.conf":
- ensure => file,
- owner => "root",
- group => "root",
- mode => '0644',
- force => true,
- content => template("argus/glite-info-glue2-argus-pep.conf.erb"),
+ file {'/etc/argus/info-glue2/glite-info-glue2-argus-pep.conf':
+ ensure => file,
+ owner => 'root',
+ group => 'root',
+ mode => '0644',
+ force => true,
+ content => template('argus/glite-info-glue2-argus-pep.conf.erb'),
}
- file {"/etc/argus/info-glue2/glite-info-glue2-argus-pdp.conf":
- ensure => file,
- owner => "root",
- group => "root",
- mode => '0644',
- force => true,
- content => template("argus/glite-info-glue2-argus-pdp.conf.erb"),
+ file {'/etc/argus/info-glue2/glite-info-glue2-argus-pdp.conf':
+ ensure => file,
+ owner => 'root',
+ group => 'root',
+ mode => '0644',
+ force => true,
+ content => template('argus/glite-info-glue2-argus-pdp.conf.erb'),
}
- file {"/etc/argus/info-glue2/glite-info-glue2-argus-pap.conf":
- ensure => file,
- owner => "root",
- group => "root",
- mode => '0644',
- force => true,
- content => template("argus/glite-info-glue2-argus-pap.conf.erb"),
+ file {'/etc/argus/info-glue2/glite-info-glue2-argus-pap.conf':
+ ensure => file,
+ owner => 'root',
+ group => 'root',
+ mode => '0644',
+ force => true,
+ content => template('argus/glite-info-glue2-argus-pap.conf.erb'),
}
diff --git a/manifests/centralbanning.pp b/manifests/centralbanning.pp
index 5381fff..12d9704 100644
--- a/manifests/centralbanning.pp
+++ b/manifests/centralbanning.pp
@@ -1,30 +1,30 @@
class argus::centralbanning {
- if $::argus::centralbanning_hostname != "" {
- concat::fragment{"pap_configuration.centralbanning.ini":
- target => "/usr/share/argus/pap/conf/pap_configuration.ini",
- order => "1",
- content => template("argus/pap_configuration.ini.centralbanning.erb"),
+ if $::argus::centralbanning_hostname != '' {
+ concat::fragment{'pap_configuration.centralbanning.ini':
+ target => '/usr/share/argus/pap/conf/pap_configuration.ini',
+ order => '1',
+ content => template('argus/pap_configuration.ini.centralbanning.erb'),
}
- file {"/etc/cron.d/centralbanning":
- ensure => present,
- owner => "root",
- group => "root",
- mode => '0644',
- content => template("argus/centralbanning.erb"),
+ file {'/etc/cron.d/centralbanning':
+ ensure => present,
+ owner => 'root',
+ group => 'root',
+ mode => '0644',
+ content => template('argus/centralbanning.erb'),
}
- ~>
- exec {"/usr/bin/pap-admin --host $::fqdn enable-pap centralbanning && /usr/bin/pap-admin --host $::fqdn set-paps-order centralbanning default && /usr/bin/pap-admin --host $::fqdn refresh-cache centralbanning":
+
+ ~> exec {"/usr/bin/pap-admin --host ${::fqdn} enable-pap centralbanning && /usr/bin/pap-admin --host ${::fqdn} set-paps-order centralbanning default && /usr/bin/pap-admin --host ${::fqdn} refresh-cache centralbanning":
refreshonly => true,
- require => Service['argus-pap']
+ require => Service['argus-pap']
}
}
else
{
- concat::fragment{"pap_configuration.centralbanning.ini":
- target => "/usr/share/argus/pap/conf/pap_configuration.ini",
- order => "1",
- content => template("argus/pap_configuration.ini.default.erb"),
+ concat::fragment{'pap_configuration.centralbanning.ini':
+ target => '/usr/share/argus/pap/conf/pap_configuration.ini',
+ order => '1',
+ content => template('argus/pap_configuration.ini.default.erb'),
}
}
}
diff --git a/manifests/config.pp b/manifests/config.pp
index 6e41a17..bd00af0 100644
--- a/manifests/config.pp
+++ b/manifests/config.pp
@@ -3,12 +3,12 @@
# VOMS
#we need the VOMS mappings, use vosupport module
class {'vosupport':
- supported_vos => $argus::supported_vos ,
+ supported_vos => $argus::supported_vos ,
enable_mappings_for_service => 'ALL',
- enable_poolaccounts => false,
- enable_environment => false,
- enable_voms => false,
- enable_gridmapdir_for_group => "root",
+ enable_poolaccounts => false,
+ enable_environment => false,
+ enable_voms => false,
+ enable_gridmapdir_for_group => 'root',
}
#include voms servers information
@@ -21,77 +21,86 @@
#
file {['/etc/argus', '/etc/argus/info-glue2' ]:
- ensure => directory,
- owner => 0,
- group => 0,
- mode => '0755',
+ ensure => directory,
+ owner => 0,
+ group => 0,
+ mode => '0755',
}
- concat{"/usr/share/argus/pap/conf/pap_configuration.ini":
- owner => 'root',
- group => 'root',
- mode => '0640',
+ concat{'/usr/share/argus/pap/conf/pap_configuration.ini':
+ owner => 'root',
+ group => 'root',
+ mode => '0640',
require => Package[$argus::pkg_meta],
notify => Service['argus-pap'],
}
- concat::fragment{"pap_configuration.ini":
- target => "/usr/share/argus/pap/conf/pap_configuration.ini",
- order => "9",
- content => template("argus/pap_configuration.ini.erb"),
+ concat::fragment{'pap_configuration.ini':
+ target => '/usr/share/argus/pap/conf/pap_configuration.ini',
+ order => '9',
+ content => template('argus/pap_configuration.ini.erb'),
}
- file {"/usr/share/argus/pap/conf/pap_authorization.ini":
- ensure => present,
- owner => "root",
- group => "root",
- mode => '0640',
- content => template("argus/pap_authorization.ini.erb"),
+ file {'/usr/share/argus/pap/conf/pap_authorization.ini':
+ ensure => present,
+ owner => 'root',
+ group => 'root',
+ mode => '0640',
+ content => template('argus/pap_authorization.ini.erb'),
require => Package[$argus::pkg_meta],
notify => Service['argus-pap'],
}
- file {"/usr/share/argus/pap/conf/pap-admin.properties":
- ensure => present,
- owner => "root",
- group => "root",
- mode => '0644',
- content => template("argus/pap-admin.properties.erb"),
+ file {'/usr/share/argus/pap/conf/pap-admin.properties':
+ ensure => present,
+ owner => 'root',
+ group => 'root',
+ mode => '0644',
+ content => template('argus/pap-admin.properties.erb'),
require => Package[$argus::pkg_meta],
notify => Service['argus-pap'],
}
- file {"/etc/argus/pdp/pdp.ini":
- ensure => present,
- owner => "root",
- group => "root",
- mode => '0640',
- content => template("argus/pdp.ini.erb"),
+ file {'/etc/argus/pdp/pdp.ini':
+ ensure => present,
+ owner => 'root',
+ group => 'root',
+ mode => '0640',
+ content => template('argus/pdp.ini.erb'),
require => Package[$argus::pkg_meta],
notify => Service['argus-pdp'],
}
- file {"/usr/share/argus/pepd/conf/pepd.ini":
- ensure => present,
- owner => "root",
- group => "root",
- mode => '0640',
- content => template("argus/pepd.ini.erb"),
+ file {'/usr/share/argus/pepd/conf/pepd.ini':
+ ensure => present,
+ owner => 'root',
+ group => 'root',
+ mode => '0640',
+ content => template('argus/pepd.ini.erb'),
require => Package[$argus::pkg_meta],
notify => Service['argus-pepd'],
}
include 'argus::centralbanning'
-
-
-
#pepd service must be restarted when the gridmap files change
- File['/etc/grid-security/grid-mapfile','/etc/grid-security/voms-grid-mapfile','/etc/grid-security/groupmapfile']~>Service['argus-pepd']
-
- File['/usr/share/argus/pap/conf/pap_authorization.ini','/usr/share/argus/pap/conf/pap-admin.properties','/etc/argus/pdp/pdp.ini','/usr/share/argus/pepd/conf/pepd.ini'] -> Class['vosupport'] -> Class['argus::bdii']
+ $grid_mapfile = $::argus::grid_mapfile
+ $group_mapfile = $::argus::group_mapfile
+
+ File[
+ $grid_mapfile,
+ '/etc/grid-security/voms-grid-mapfile',
+ $group_mapfile
+ ]~>Service['argus-pepd']
+
+ File[
+ '/usr/share/argus/pap/conf/pap_authorization.ini',
+ '/usr/share/argus/pap/conf/pap-admin.properties',
+ '/etc/argus/pdp/pdp.ini',
+ '/usr/share/argus/pepd/conf/pepd.ini'
+ ] -> Class['vosupport'] -> Class['argus::bdii']
}
diff --git a/manifests/firewall.pp b/manifests/firewall.pp
index 06ffe4c..1d1382d 100644
--- a/manifests/firewall.pp
+++ b/manifests/firewall.pp
@@ -2,17 +2,17 @@
firewall { '101 allow argus pap':
proto => 'tcp',
- dport => "$argus::pap_port",
+ dport => $argus::pap_port,
action => 'accept',
}
firewall { '101 allow argus pdp':
proto => 'tcp',
- dport => "$argus::pdp_port",
+ dport => $argus::pdp_port,
action => 'accept',
}
firewall { '101 allow argus pepd':
proto => 'tcp',
- dport => "$argus::pepd_port",
+ dport => $argus::pepd_port,
action => 'accept',
}
include bdii::firewall
diff --git a/manifests/init.pp b/manifests/init.pp
index 5c02da0..68ce465 100644
--- a/manifests/init.pp
+++ b/manifests/init.pp
@@ -1,27 +1,22 @@
-/**
- * Requirements :
- * - a certificate MUST be installed using puppet in /etc/grid-security/hostcert.pem (hostkey.pem)
- * - the UMD4 repositories MUST be present
- *
- * The PAP rules are specified in a hash this way :
- *
-argus::pap_rules:
- action:
- attribute:
- list of DNs
-
-for instance (the included quotes are required for the policy to be correctly added ) :
- deny:
- subject-issuer:
- - "'CN=bad guys'"
-
-will create a rule :
-rule deny { subject-issuer = 'CN=bad guys' }
-
- */
+# Requirements :
+# - a certificate MUST be installed using puppet in /etc/grid-security/hostcert.pem (hostkey.pem)
+# - the UMD4 repositories MUST be present
+#
+# The PAP rules are specified in a hash this way :
+#
+# argus::pap_rules:
+# action:
+# attribute:
+# list of DNs
+#
+# for instance (the included quotes are required for the policy to be correctly added ) :
+# deny:
+# subject-issuer:
+# - "'CN=bad guys'"
+#
+# will create a rule :
+# rule deny { subject-issuer = 'CN=bad guys' }
class argus (
- $open_firewall = false,
-
#the argus pap server used by pdp
$pap_server,
#the argus pdp server used by pep
@@ -34,8 +29,6 @@
#this will setup the voms related things :
$supported_vos,
- #this will create argus "permit" rules for those VOs if true
- $supported_vos_allowed = true,
# site name is required
$sitename,
@@ -46,20 +39,16 @@
# pep params
$pepd_port,
$pepd_admin_port,
- $pepd_pass = randompass(),
# pdp params
$pdps_port,
$pdp_port,
$pdp_admin_port,
- $pdp_pass = randompass(),
$pdp_retention_interval,
# pap parameters
$pap_port,
$pap_shutdown_port,
- $pap_shutdown_command = randompass(),
-
# central banning setup
$centralbanning_dn,
@@ -67,18 +56,30 @@
$centralbanning_port,
$centralbanning_public,
$poll_interval,
+ #files
+ $grid_mapfile,
+ $grid_mapdir,
+ $group_mapfile,
+
+ $open_firewall = false,
+ #this will create argus "permit" rules for those VOs if true
+ $supported_vos_allowed = true,
+
+ $pepd_pass = randompass(),
+ $pdp_pass = randompass(),
+ $pap_shutdown_command = randompass(),
$service_name = $::fqdn ,
#following must be changed.
$pap_admin_dn = undef , #this must be an *ARRAY* as there can be many admins.
- $site_base_dn = "/O=GRID/C=FR_EN_UK/O=my CA/CN" , #a = will be apended to this when needed.
+ $site_base_dn = '/O=GRID/C=FR_EN_UK/O=my CA/CN' , #a = will be apended to this when needed.
- $nfspath = "" ,
- $nfsmountoptions = "" ,
- $mountpoint = "" ,
+ $nfspath = '' ,
+ $nfsmountoptions = '' ,
+ $mountpoint = '' ,
# additional rules for pap authorization. Used for creating a NGI or central pap.
# example :
@@ -108,17 +109,10 @@
# ...
$pap_rules = {},
-
- #files
- $grid_mapfile,
- $grid_mapdir,
- $group_mapfile,
-
-
) {
$pap_service_dn = "${site_base_dn}=${service_name}"
- $pap_host_dn = "${site_base_dn}=$::fqdn"
+ $pap_host_dn = "${site_base_dn}=${::fqdn}"
case $::osfamily {
'RedHat' : {
diff --git a/manifests/install.pp b/manifests/install.pp
index c7d0aed..3aaea6e 100644
--- a/manifests/install.pp
+++ b/manifests/install.pp
@@ -1,6 +1,6 @@
class argus::install {
package { $::argus::pkg_meta :
ensure => $::argus::pkg_ensure,
- tag => 'argus',
+ tag => 'argus',
}
}
diff --git a/manifests/lemon.pp b/manifests/lemon.pp
index 3124b7e..baa02ca 100644
--- a/manifests/lemon.pp
+++ b/manifests/lemon.pp
@@ -9,5 +9,5 @@
lemon::metric{'33309':}
lemon::metric{'33310':}
lemon::metric{'33311':}
-
+
}
diff --git a/manifests/nfs.pp b/manifests/nfs.pp
index 7dcd864..0d7a5e6 100644
--- a/manifests/nfs.pp
+++ b/manifests/nfs.pp
@@ -11,10 +11,10 @@
#make sure the rpcbind and nfslock services are started prior to mounting the NFS share!
#NB: this is for SLC6, on SLC5 we would need portmap instead of rpcbind. See cvmfs for an example.
service { ['rpcbind','nfslock']:
- ensure => 'running',
- enable => true,
+ ensure => 'running',
+ enable => true,
hasrestart => true,
- hasstatus => true,
+ hasstatus => true,
}
#Use autofs so that the NFS share is correctly mounted on startup and argus directly uses it
@@ -25,10 +25,10 @@
#the automount maps are not managed by the autofs module (only master map and included master maps are)
file { '/etc/auto.gridmapdir':
- ensure => present,
- owner => 'root',
- group => 'root',
- mode => '0644',
+ ensure => present,
+ owner => 'root',
+ group => 'root',
+ mode => '0644',
content => "${mountpoint} ${nfsmountoptions} ${nfspath}",
}
diff --git a/manifests/params.pp b/manifests/params.pp
deleted file mode 100644
index 407352f..0000000
--- a/manifests/params.pp
+++ /dev/null
@@ -1,44 +0,0 @@
-class argus::params {
- # site name
- $sitename = hiera("SITENAME","SOME.WHERE")
-
- # pep params
- $pepd_port = hiera("PEPD_DEFAULT_PORT", "8154")
- $pepd_admin_port = hiera("PEPD_DEFAULT_ADMIN_PORT", "8155")
- $pepd_pass = hiera("PEPD_DEFAULT_PASS", randompass() )
-
- # pdp params
- $pdps_port = hiera("PDPS_PORT", "8152")
- $pdp_port = hiera("PDP_DEFAULT_PORT", "8152")
- $pdp_admin_port = hiera("PDP_DEFAULT_ADMIN_PORT", "8153")
- $pdp_pass = hiera("PDP_DEFAULT_PASS", randompass() )
-
- # pap parameters
- $pap_port = hiera("PAP_DEFAULT_PORT", "8150")
- $pap_shutdown_port = hiera("PAP_DEFAULT_SHUTDOWN_PORT", "8151")
- $pap_shutdown_command = hiera("PAP_DEFAULT_SHUTDOWN_COMMAND", randompass() )
-
-
- # central banning setup
- $centralbanning_enabled = hiera("CENTRALBANNING_ENABLED","false")
- $centralbanning_dn = hiera("CENTRALBANNING_DN", "")
- $centralbanning_hostname = hiera("CENTRALBANNING_HOSTNAME", "")
- $centralbanning_port = hiera("CENTRALBANNING_PORT", 8150)
- $poll_interval = hiera("POLL_INTERVAL", 14400)
-
- $service_name = hiera("SERVICE_NAME", $::fqdn)
- $pap_admin_dn = hiera("PAP_ADMIN_DN", "")
- $site_base_dn = hiera("SITE_BASE_DN", "")
- $pap_service_dn = hiera("PAP_SERVICE_DN", "${site_base_dn}=${service_name}")
- $pap_host_dn = hiera("PAP_HOST_DN", "${site_base_dn}=$::fqdn")
- $nfspath = hiera("NFSPATH", "")
- $nfsmountoptions = hiera("NFSMOUNTOPTIONS", "")
- $mountpoint = hiera("MOUNTPOINT", "")
-
- # additional rules for pap
- $pap_auth = hiera("PAP_AUTH","")
-
- # banning rules
- $pap_ban = hiera("PAP_BAN","")
-
-}
diff --git a/manifests/policies.pp b/manifests/policies.pp
index 234ba3a..8f1bd61 100644
--- a/manifests/policies.pp
+++ b/manifests/policies.pp
@@ -1,57 +1,57 @@
class argus::policies {
- file {"/var/cache/argus":
- ensure => directory,
- owner => root,
- group => root,
- mode => '0700',
- purge => true,
+ file {'/var/cache/argus':
+ ensure => directory,
+ owner => root,
+ group => root,
+ mode => '0700',
+ purge => true,
recurse => true,
}
- file {"/var/cache/argus/policies.spl":
- ensure => present,
- owner => "root",
- group => "root",
- mode => '0644',
- content => template("argus/policies.erb"),
- require => File["/var/cache/argus"],
- notify => Exec["update_argus_policies"],
+ file {'/var/cache/argus/policies.spl':
+ ensure => present,
+ owner => 'root',
+ group => 'root',
+ mode => '0644',
+ content => template('argus/policies.erb'),
+ require => File['/var/cache/argus'],
+ notify => Exec['update_argus_policies'],
}
- exec {"delete_argus_policies":
- command => "/usr/bin/pap-admin --host $::fqdn remove-all-policies",
- onlyif => "/usr/bin/test ! -s /var/cache/argus/policies.spl",
- notify => Exec['update_pdp_rules']
+ exec {'delete_argus_policies':
+ command => "/usr/bin/pap-admin --host ${::fqdn} remove-all-policies",
+ onlyif => '/usr/bin/test ! -s /var/cache/argus/policies.spl',
+ notify => Exec['update_pdp_rules']
}
- $pap_update_cmd = "/bin/cat /var/cache/argus/*.spl > /tmp/update$$.spl && /usr/bin/pap-admin --host $::fqdn remove-all-policies && /usr/bin/pap-admin --host $::fqdn add-policies-from-file /tmp/update$$.spl && rm /tmp/update$$.spl"
+ $pap_update_cmd = "/bin/cat /var/cache/argus/*.spl > /tmp/update$$.spl && /usr/bin/pap-admin --host ${::fqdn} remove-all-policies && /usr/bin/pap-admin --host ${::fqdn} add-policies-from-file /tmp/update$$.spl && rm /tmp/update$$.spl"
- exec {"update_argus_policies":
- command => "$pap_update_cmd || { rm -f /var/cache/argus/policies.spl ; pkill -f 'java.*argus/pap' ;}",
+ exec {'update_argus_policies':
+ command => "${pap_update_cmd} || { rm -f /var/cache/argus/policies.spl ; pkill -f 'java.*argus/pap' ;}",
refreshonly => true,
- onlyif => "/usr/bin/test -s /var/cache/argus/policies.spl",
- notify => Exec['update_pdp_rules'],
- require => Service['argus-pap']
+ onlyif => '/usr/bin/test -s /var/cache/argus/policies.spl',
+ notify => Exec['update_pdp_rules'],
+ require => Service['argus-pap']
}
#a new exec whose only goal is to try to reload policies if none is found in argus AND the policies.spl file is not empty. Meaning the policies are not there but should !
# this can happen on reinstall, and this can then cause Undetermined decisions in pdp/pep, causing sites breakdown
#remove policies.spl on failure, to trigger a new argus pap config on next run
#kill argus pap on failure too as a "pdp reloadpolicy" just doesn't complain if policies are empty !
- exec {"update_argus_policies_on_previous_failure":
- command => "$pap_update_cmd || { rm -f /var/cache/argus/policies.spl ; pkill -f 'java.*argus/pap' ;}",
- onlyif => "/bin/bash -c '(pap-admin lp | grep -q \"No policies\") && /usr/bin/test -s /var/cache/argus/policies.spl'",
- notify => Exec['update_pdp_rules'],
+ exec {'update_argus_policies_on_previous_failure':
+ command => "${pap_update_cmd} || { rm -f /var/cache/argus/policies.spl ; pkill -f 'java.*argus/pap' ;}",
+ onlyif => "/bin/bash -c '(pap-admin lp | grep -q \"No policies\") && /usr/bin/test -s /var/cache/argus/policies.spl'",
+ notify => Exec['update_pdp_rules'],
require => Service['argus-pap']
}
#this does not even complain if pap is dead :'(
exec {'update_pdp_rules':
- command => '/usr/sbin/pdpctl reloadPolicy',
+ command => '/usr/sbin/pdpctl reloadPolicy',
refreshonly => true,
- require => Service['argus-pdp']
+ require => Service['argus-pdp']
}
File['/var/cache/argus'] -> File['/var/cache/argus/policies.spl'] -> Exec['delete_argus_policies'] -> Exec['update_argus_policies']
diff --git a/manifests/rules_banning.pp b/manifests/rules_banning.pp
index c1d68ce..dc23734 100644
--- a/manifests/rules_banning.pp
+++ b/manifests/rules_banning.pp
@@ -1,37 +1,37 @@
class argus::rules_banning inherits argus::params {
- file {"/var/cache/argus":
- ensure => directory,
- owner => root,
- group => root,
- mode => 0700,
- purge => true,
+ file {'/var/cache/argus':
+ ensure => directory,
+ owner => root,
+ group => root,
+ mode => '0700',
+ purge => true,
recurse => true,
}
- file {"/var/cache/argus/policies_centralbanning.spl":
- ensure => present,
- owner => "root",
- group => "root",
- mode => 0644,
- content => template("argus/policies_centralbanning.erb"),
- require => File["/var/cache/argus"],
- notify => Exec["update_argus_policies"],
+ file {'/var/cache/argus/policies_centralbanning.spl':
+ ensure => present,
+ owner => 'root',
+ group => 'root',
+ mode => '0644',
+ content => template('argus/policies_centralbanning.erb'),
+ require => File['/var/cache/argus'],
+ notify => Exec['update_argus_policies'],
}
- exec {"delete_argus_policies":
- command => "/usr/bin/pap-admin --host $::fqdn remove-all-policies",
- onlyif => "/usr/bin/test ! -s /var/cache/argus/policies_centralbanning.spl",
- notify => Service["argus-pdp"] #restart the PDP service to take the new policies into account
+ exec {'delete_argus_policies':
+ command => "/usr/bin/pap-admin --host ${::fqdn} remove-all-policies",
+ onlyif => '/usr/bin/test ! -s /var/cache/argus/policies_centralbanning.spl',
+ notify => Service['argus-pdp'] #restart the PDP service to take the new policies into account
}
-
- exec {"update_argus_policies":
- command => "/bin/cat /var/cache/argus/*.spl > /tmp/update$$.spl && /usr/bin/pap-admin --host $::fqdn remove-all-policies && /usr/bin/pap-admin --host $::fqdn add-policies-from-file /tmp/update$$.spl && rm /tmp/update$$.spl",
+
+ exec {'update_argus_policies':
+ command => "/bin/cat /var/cache/argus/*.spl > /tmp/update$$.spl && /usr/bin/pap-admin --host ${::fqdn} remove-all-policies && /usr/bin/pap-admin --host ${::fqdn} add-policies-from-file /tmp/update$$.spl && rm /tmp/update$$.spl",
refreshonly => true,
- onlyif => "/usr/bin/test -s /var/cache/argus/policies_centralbanning.spl",
- notify => Service["argus-pdp"] #restart the PDP service to take the new policies into account
+ onlyif => '/usr/bin/test -s /var/cache/argus/policies_centralbanning.spl',
+ notify => Service['argus-pdp'] #restart the PDP service to take the new policies into account
}
File['/var/cache/argus'] -> File['/var/cache/argus/policies_centralbanning.spl'] -> Exec['delete_argus_policies'] -> Exec['update_argus_policies']
-
+
}
diff --git a/manifests/service.pp b/manifests/service.pp
index eabd9ce..bafb597 100644
--- a/manifests/service.pp
+++ b/manifests/service.pp
@@ -1,25 +1,25 @@
class argus::service {
service{'argus-pap':
- ensure => running,
- hasstatus => true,
+ ensure => running,
+ hasstatus => true,
hasrestart => true,
- enable => true,
- tag => 'argus',
+ enable => true,
+ tag => 'argus',
}
- ->
- service{'argus-pdp':
- ensure => running,
- hasstatus => true,
+
+ -> service{'argus-pdp':
+ ensure => running,
+ hasstatus => true,
hasrestart => true,
- enable => true,
- tag => 'argus',
+ enable => true,
+ tag => 'argus',
}
- ->
- service{'argus-pepd':
- ensure => running,
- hasstatus => true,
+
+ -> service{'argus-pepd':
+ ensure => running,
+ hasstatus => true,
hasrestart => true,
- enable => true,
- tag => 'argus',
+ enable => true,
+ tag => 'argus',
}
}
diff --git a/manifests/servicecert.pp b/manifests/servicecert.pp
index eab402d..a513243 100644
--- a/manifests/servicecert.pp
+++ b/manifests/servicecert.pp
@@ -1,18 +1,19 @@
-class argus::servicecert inherits argus::params {
+class argus::servicecert {
+ $service_name = $::argus::service_name
if $service_name == $::fqnd {
# we can use the puppet autogenerated certificate
- class {'hostcertificate::gridcertificate':}
+ class {'hostcertificate::gridcertificate':}
}
else
{
- if !defined(File["/etc/grid-security"]) {
- file {"/etc/grid-security":
+ if !defined(File['/etc/grid-security']) {
+ file {'/etc/grid-security':
ensure => directory,
- owner => "root",
- group => "root",
- mode => 0700,
+ owner => 'root',
+ group => 'root',
+ mode => '0700',
}
}
}
}
-
+
diff --git a/manifests/voms.pp b/manifests/voms.pp
index bdf8dd3..d569ec6 100644
--- a/manifests/voms.pp
+++ b/manifests/voms.pp
@@ -1,6 +1,4 @@
-/*
- * puppet helper that will include the voms module related classes for individual VOs
- */
+# puppet helper that will include the voms module related classes for individual VOs
define argus::voms {
include "::voms::${title}"
}
diff --git a/metadata.json b/metadata.json
index 35eb9e4..cf44a14 100644
--- a/metadata.json
+++ b/metadata.json
@@ -1,17 +1,94 @@
-{"name": "heppuppet-argus",
+{
+ "name": "heppuppet-argus",
+ "version": "1.0.0",
"author": "schwicke",
- "description": "This modules provides classes and definitions required to setup an Argus server instance.",
- "license": "Apache License, Version 2.0 (the \"License\")",
+ "summary": "This modules provides classes and definitions required to setup an Argus server instance.",
+ "license": "Apache-2.0",
+ "source": "https://github.com/HEP-Puppet/puppet-argus",
"project_page": "http://www.eu-emi.eu/",
- "source": "",
- "summary": "EMI Argus service", "version": "0.0.1",
+ "issues_url": "https://github.com/HEP-Puppet/puppet-argus/issues",
"dependencies": [
- {"name": "puppetlabs/stdlib", "version_requirement": ">=4.1.0"},
- {"name": "puppetlabs/concat", "version_requirement": ">=1.2.5"},
- {"name": "puppetlabs/firewall", "version_requirement": ">=0.3.1"},
- {"name": "CERNOps/vosupport", "version_requirement": ">=0.0.1"},
- {"name": "pdxcat/autofs", "version_requirement": ">=0.0.2"},
- {"name":"puppet/fetchcrl", "version_requirement":">= 1.1.1"},
- {"name":"stahnma-epel", "version_requirement":">= 1.2.2"}
- ]
-}
\ No newline at end of file
+ {
+ "name": "puppetlabs/stdlib",
+ "version_requirement": ">= 4.1.0 < 7.0.0"
+ },
+ {
+ "name": "puppetlabs/concat",
+ "version_requirement": ">=1.2.5 < 7.0.0"
+ },
+ {
+ "name": "puppetlabs/firewall",
+ "version_requirement": ">= 0.3.1 < 3"
+ },
+ {
+ "name": "CERNOps/vosupport",
+ "version_requirement": ">=0.0.1 < 10"
+ },
+ {
+ "name": "pdxcat/autofs",
+ "version_requirement": ">=0.0.2 < 10"
+ },
+ {
+ "name": "puppet/fetchcrl",
+ "version_requirement": ">= 1.1.1 < 5"
+ },
+ {
+ "name": "stahnma-epel",
+ "version_requirement": ">= 1.2.2 < 10"
+ }
+ ],
+ "operatingsystem_support": [
+ {
+ "operatingsystem": "CentOS",
+ "operatingsystemrelease": [
+ "7"
+ ]
+ },
+ {
+ "operatingsystem": "OracleLinux",
+ "operatingsystemrelease": [
+ "7"
+ ]
+ },
+ {
+ "operatingsystem": "RedHat",
+ "operatingsystemrelease": [
+ "8"
+ ]
+ },
+ {
+ "operatingsystem": "Scientific",
+ "operatingsystemrelease": [
+ "7"
+ ]
+ },
+ {
+ "operatingsystem": "Debian",
+ "operatingsystemrelease": [
+ "9"
+ ]
+ },
+ {
+ "operatingsystem": "Ubuntu",
+ "operatingsystemrelease": [
+ "18.04"
+ ]
+ },
+ {
+ "operatingsystem": "windows",
+ "operatingsystemrelease": [
+ "2019",
+ "10"
+ ]
+ }
+ ],
+ "requirements": [
+ {
+ "name": "puppet",
+ "version_requirement": ">= 4.10.0 < 7.0.0"
+ }
+ ],
+ "pdk-version": "1.18.1",
+ "template-url": "pdk-default#1.18.1",
+ "template-ref": "tags/1.18.1-0-g3d2e75c"
+}
diff --git a/spec/default_facts.yml b/spec/default_facts.yml
new file mode 100644
index 0000000..f777abf
--- /dev/null
+++ b/spec/default_facts.yml
@@ -0,0 +1,8 @@
+# Use default_module_facts.yml for module specific facts.
+#
+# Facts specified here will override the values provided by rspec-puppet-facts.
+---
+ipaddress: "172.16.254.254"
+ipaddress6: "FE80:0000:0000:0000:AAAA:AAAA:AAAA"
+is_pe: false
+macaddress: "AA:AA:AA:AA:AA:AA"
diff --git a/spec/spec_helper.rb b/spec/spec_helper.rb
index 5fda588..d3778ca 100644
--- a/spec/spec_helper.rb
+++ b/spec/spec_helper.rb
@@ -1,17 +1,57 @@
-dir = File.expand_path(File.dirname(__FILE__))
-$LOAD_PATH.unshift File.join(dir, 'lib')
+# frozen_string_literal: true
-require 'mocha'
-require 'puppet'
-require 'rspec'
-require 'spec/autorun'
+require 'puppetlabs_spec_helper/module_spec_helper'
+require 'rspec-puppet-facts'
-Spec::Runner.configure do |config|
- config.mock_with :mocha
+require 'spec_helper_local' if File.file?(File.join(File.dirname(__FILE__), 'spec_helper_local.rb'))
+
+include RspecPuppetFacts
+
+default_facts = {
+ puppetversion: Puppet.version,
+ facterversion: Facter.version,
+}
+
+default_fact_files = [
+ File.expand_path(File.join(File.dirname(__FILE__), 'default_facts.yml')),
+ File.expand_path(File.join(File.dirname(__FILE__), 'default_module_facts.yml')),
+]
+
+default_fact_files.each do |f|
+ next unless File.exist?(f) && File.readable?(f) && File.size?(f)
+
+ begin
+ default_facts.merge!(YAML.safe_load(File.read(f), [], [], true))
+ rescue => e
+ RSpec.configuration.reporter.message "WARNING: Unable to load #{f}: #{e}"
+ end
end
-# We need this because the RAL uses 'should' as a method. This
-# allows us the same behaviour but with a different method name.
-class Object
- alias :must :should
+# read default_facts and merge them over what is provided by facterdb
+default_facts.each do |fact, value|
+ add_custom_fact fact, value
end
+
+RSpec.configure do |c|
+ c.default_facts = default_facts
+ c.before :each do
+ # set to strictest setting for testing
+ # by default Puppet runs at warning level
+ Puppet.settings[:strict] = :warning
+ Puppet.settings[:strict_variables] = true
+ end
+ c.filter_run_excluding(bolt: true) unless ENV['GEM_BOLT']
+ c.after(:suite) do
+ end
+end
+
+# Ensures that a module is defined
+# @param module_name Name of the module
+def ensure_module_defined(module_name)
+ module_name.split('::').reduce(Object) do |last_module, next_module|
+ last_module.const_set(next_module, Module.new) unless last_module.const_defined?(next_module, false)
+ last_module.const_get(next_module, false)
+ end
+end
+
+# 'spec_overrides' from sync.yml will appear below this line