diff --git a/.github/CONTRIBUTING.md b/.github/CONTRIBUTING.md index 8b466cf..6aaa603 100644 --- a/.github/CONTRIBUTING.md +++ b/.github/CONTRIBUTING.md @@ -232,18 +232,21 @@ simple tests against it after applying the module. You can run this with: ```sh -BEAKER_setfile=debian11-64 bundle exec rake beaker +BEAKER_PUPPET_COLLECTION=puppet7 BEAKER_setfile=debian11-64 bundle exec rake beaker ``` -You can replace the string `debian10` with any common operating system. +You can replace the string `debian11` with any common operating system. The following strings are known to work: -* ubuntu1804 * ubuntu2004 -* debian10 +* ubuntu2204 * debian11 * centos7 * centos8 +* centos9 +* almalinux8 +* almalinux9 +* fedora36 For more information and tips & tricks, see [voxpupuli-acceptance's documentation](https://github.com/voxpupuli/voxpupuli-acceptance#running-tests). diff --git a/.github/SECURITY.md b/.github/SECURITY.md deleted file mode 100644 index cacadf2..0000000 --- a/.github/SECURITY.md +++ /dev/null @@ -1,3 +0,0 @@ -# Vox Pupuli Security Policy - -Our vulnerabilities reporting process is at https://voxpupuli.org/security/ diff --git a/.github/workflows/release.yml b/.github/workflows/release.yml index 15f1721..55324aa 100644 --- a/.github/workflows/release.yml +++ b/.github/workflows/release.yml @@ -12,7 +12,7 @@ on: jobs: release: name: Release - uses: voxpupuli/gha-puppet/.github/workflows/release.yml@v1 + uses: voxpupuli/gha-puppet/.github/workflows/release.yml@v2 with: allowed_owner: 'voxpupuli' secrets: diff --git a/.gitlab-ci.yml b/.gitlab-ci.yml deleted file mode 100644 index e369e3c..0000000 --- a/.gitlab-ci.yml +++ /dev/null @@ -1,41 +0,0 @@ ---- -stages: - - syntax - - unit - -cache: - paths: - - vendor/bundle - -before_script: - - bundle -v - - rm Gemfile.lock || true - - gem update --system - - gem --version - - bundle -v - - bundle install --without system_tests --path vendor/bundle --jobs $(nproc) - -parallel_spec-Ruby 2.1.9-Puppet ~> 4.0: - stage: unit - image: ruby:2.1.9 - script: - - bundle exec rake parallel_spec - variables: - PUPPET_GEM_VERSION: '~> 4.0' - -syntax lint metadata_lint check:symlinks check:git_ignore check:dot_underscore check:test_file rubocop-Ruby 2.4.4-Puppet ~> 5.5: - stage: syntax - image: ruby:2.4.4 - script: - - bundle exec rake syntax lint metadata_lint check:symlinks check:git_ignore check:dot_underscore check:test_file rubocop - variables: - PUPPET_GEM_VERSION: '~> 5.5' - -parallel_spec-Ruby 2.4.4-Puppet ~> 5.5: - stage: unit - image: ruby:2.4.4 - script: - - bundle exec rake parallel_spec - variables: - PUPPET_GEM_VERSION: '~> 5.5' - diff --git a/.msync.yml b/.msync.yml index a4b0069..f818344 100644 --- a/.msync.yml +++ b/.msync.yml @@ -2,4 +2,4 @@ # Managed by modulesync - DO NOT EDIT # https://voxpupuli.org/docs/updating-files-managed-with-modulesync/ -modulesync_config_version: '5.5.0' +modulesync_config_version: '7.2.0' diff --git a/.pdkignore b/.pdkignore deleted file mode 100644 index 650022e..0000000 --- a/.pdkignore +++ /dev/null @@ -1,24 +0,0 @@ -.git/ -.*.sw[op] -.metadata -.yardoc -.yardwarns -*.iml -/.bundle/ -/.idea/ -/.vagrant/ -/coverage/ -/bin/ -/doc/ -/Gemfile.local -/Gemfile.lock -/junit/ -/log/ -/pkg/ -/spec/fixtures/manifests/ -/spec/fixtures/modules/ -/tmp/ -/vendor/ -/convert_report.txt -/update_report.txt -.DS_Store diff --git a/.pmtignore b/.pmtignore index 58a0408..10b9830 100644 --- a/.pmtignore +++ b/.pmtignore @@ -35,3 +35,4 @@ /.yardoc/ /.yardopts /Dockerfile +/HISTORY.md diff --git a/Gemfile b/Gemfile index 50f8bd2..78ebd45 100644 --- a/Gemfile +++ b/Gemfile @@ -4,11 +4,11 @@ source ENV['GEM_SOURCE'] || 'https://rubygems.org' group :test do - gem 'voxpupuli-test', '~> 5.4', :require => false + gem 'voxpupuli-test', '~> 7.0', :require => false gem 'coveralls', :require => false gem 'simplecov-console', :require => false - gem 'puppet_metadata', '~> 2.0', :require => false gem 'webrick', :require => false if RUBY_VERSION >= '3.2' + gem 'puppet_metadata', '~> 3.5', :require => false end group :development do @@ -17,13 +17,11 @@ group :development do end group :system_tests do - gem 'voxpupuli-acceptance', '~> 1.0', :require => false + gem 'voxpupuli-acceptance', '~> 3.0', :require => false end group :release do - gem 'github_changelog_generator', '>= 1.16.1', :require => false if RUBY_VERSION >= '2.5' - gem 'voxpupuli-release', '~> 2.0', :require => false - gem 'faraday-retry', '~> 2.1', :require => false if RUBY_VERSION >= '2.6' + gem 'voxpupuli-release', '~> 3.0', :require => false end gem 'rake', :require => false diff --git a/appveyor.yml b/appveyor.yml deleted file mode 100644 index 4a5b227..0000000 --- a/appveyor.yml +++ /dev/null @@ -1,52 +0,0 @@ ---- -version: 1.1.x.{build} -skip_commits: - message: /^\(?doc\)?.*/ -clone_depth: 10 -init: - - SET - - 'mkdir C:\ProgramData\PuppetLabs\code && exit 0' - - 'mkdir C:\ProgramData\PuppetLabs\facter && exit 0' - - 'mkdir C:\ProgramData\PuppetLabs\hiera && exit 0' - - 'mkdir C:\ProgramData\PuppetLabs\puppet\var && exit 0' -environment: - matrix: - - - RUBY_VERSION: 24-x64 - CHECK: syntax lint metadata_lint check:symlinks check:git_ignore check:dot_underscore check:test_file rubocop - - - PUPPET_GEM_VERSION: ~> 4.0 - RUBY_VERSION: 21 - CHECK: parallel_spec - - - PUPPET_GEM_VERSION: ~> 4.0 - RUBY_VERSION: 21-x64 - CHECK: parallel_spec - - - PUPPET_GEM_VERSION: ~> 5.0 - RUBY_VERSION: 24 - CHECK: parallel_spec - - - PUPPET_GEM_VERSION: ~> 5.0 - RUBY_VERSION: 24-x64 - CHECK: parallel_spec -matrix: - fast_finish: true -install: - - set PATH=C:\Ruby%RUBY_VERSION%\bin;%PATH% - - bundle install --jobs 4 --retry 2 --without system_tests - - type Gemfile.lock -build: off -test_script: - - bundle exec puppet -V - - ruby -v - - gem -v - - bundle -v - - bundle exec rake %CHECK% -notifications: - - provider: Email - to: - - nobody@nowhere.com - on_build_success: false - on_build_failure: false - on_build_status_changed: false diff --git a/lib/puppet_x/vault_lookup/lookup.rb b/lib/puppet_x/vault_lookup/lookup.rb index bbc23d2..ae6f686 100644 --- a/lib/puppet_x/vault_lookup/lookup.rb +++ b/lib/puppet_x/vault_lookup/lookup.rb @@ -21,13 +21,13 @@ def self.lookup(cache:, if vault_addr.nil? Puppet.debug 'No Vault address was set on function, defaulting to value from VAULT_ADDR env value' - vault_addr = ENV['VAULT_ADDR'] + vault_addr = ENV.fetch('VAULT_ADDR', nil) raise Puppet::Error, 'No vault_addr given and VAULT_ADDR env variable not set' if vault_addr.nil? end if namespace.nil? Puppet.debug 'No Vault namespace was set on function, defaulting to value from VAULT_NAMESPACE env value' - namespace = ENV['VAULT_NAMESPACE'] + namespace = ENV.fetch('VAULT_NAMESPACE', nil) end # Check the cache. @@ -41,9 +41,9 @@ def self.lookup(cache:, return prior_result end - auth_method = ENV['VAULT_AUTH_METHOD'] || 'cert' if auth_method.nil? - role_id = ENV['VAULT_ROLE_ID'] if role_id.nil? - secret_id = ENV['VAULT_SECRET_ID'] if secret_id.nil? + auth_method = ENV.fetch('VAULT_AUTH_METHOD', 'cert') if auth_method.nil? + role_id = ENV.fetch('VAULT_ROLE_ID', nil) if role_id.nil? + secret_id = ENV.fetch('VAULT_SECRET_ID', nil) if secret_id.nil? cert_path_segment = 'v1/auth/cert/' if cert_path_segment.nil? approle_path_segment = 'v1/auth/approle/' if approle_path_segment.nil? @@ -85,8 +85,8 @@ def self.lookup(cache:, # This assumes the token is availble in a sink file populated by the Vault Agent. # @see https://developer.hashicorp.com/vault/docs/agent/autoauth/sinks/file if agent_sink_file.nil? - Puppet.debug "No agent sink file was set on function, defaulting to VAULT_AGENT_SINK_FILE env var: #{ENV['VAULT_AGENT_SINK_FILE']}" - agent_sink_file = ENV['VAULT_AGENT_SINK_FILE'] + Puppet.debug "No agent sink file was set on function, defaulting to VAULT_AGENT_SINK_FILE env var: #{ENV.fetch('VAULT_AGENT_SINK_FILE', nil)}" + agent_sink_file = ENV.fetch('VAULT_AGENT_SINK_FILE', nil) end raise Puppet::Error, 'agent_sink_file must be defined when using the agent_sink auth method' if agent_sink_file.nil? diff --git a/spec/acceptance/lookup_spec.rb b/spec/acceptance/lookup_spec.rb index c32e725..6a377b7 100644 --- a/spec/acceptance/lookup_spec.rb +++ b/spec/acceptance/lookup_spec.rb @@ -2,9 +2,7 @@ require 'beaker-rspec' require 'beaker-rspec/spec_helper' -require 'beaker-puppet' -require 'beaker/puppet_install_helper' -require 'beaker/module_install_helper' +require 'beaker_puppet_helpers' describe 'lookup with vault configured to accept certs from puppetserver' do before(:all) do @@ -12,7 +10,7 @@ # PATH, add the directories to the top of the /etc/bash.bashrc so the dirs # are available for all non-interactive bash shells. on(master, "sed -i '1s_^_PATH=/opt/puppetlabs/server/bin:/opt/puppetlabs/puppet/bin:/opt/puppetlabs/bin:$PATH\\n_' /etc/bash.bashrc") - install_module_on(master) + install_local_module_on(master) vault = find_host_with_role('vault') scp_to(vault, 'spec/acceptance/fixtures/unseal.sh', '/root/unseal.sh') on(vault, 'su root /root/unseal.sh') diff --git a/spec/mock_vault_helper.rb b/spec/mock_vault_helper.rb index 25d3678..6430bb1 100644 --- a/spec/mock_vault_helper.rb +++ b/spec/mock_vault_helper.rb @@ -11,7 +11,7 @@ module PuppetVaultLookupHelpers "lease_duration": 0, "data": null, "wrap_info": null, - "warnings": ["Invalid path for a versioned K/V secrets engine. See the API docs for the appropriate API endpoints to use. If using the Vault CLI, use \'vault kv get\' for this operation."], + "warnings": ["Invalid path for a versioned K/V secrets engine. See the API docs for the appropriate API endpoints to use. If using the Vault CLI, use 'vault kv get' for this operation."], "auth": null } JSON diff --git a/spec/spec_helper.rb b/spec/spec_helper.rb index 6515b7b..9efb4ae 100644 --- a/spec/spec_helper.rb +++ b/spec/spec_helper.rb @@ -17,3 +17,4 @@ add_custom_fact name.to_sym, value end end +Dir['./spec/support/spec/**/*.rb'].sort.each { |f| require f }