Updated testing gems (#276)

Gemfile

@@ -17,24 +17,13 @@ ruby_version_segments = Gem::Version.new(RUBY_VERSION.dup).segments
 minor_version = ruby_version_segments[0..1].join('.')
 
 group :development do
-  gem "fast_gettext", '1.1.0',                                   require: false if Gem::Version.new(RUBY_VERSION.dup) < Gem::Version.new('2.1.0')
-  gem "fast_gettext",                                            require: false if Gem::Version.new(RUBY_VERSION.dup) >= Gem::Version.new('2.1.0')
-  gem "json_pure", '<= 2.0.1',                                   require: false if Gem::Version.new(RUBY_VERSION.dup) < Gem::Version.new('2.0.0')
-  gem "json", '= 1.8.1',                                         require: false if Gem::Version.new(RUBY_VERSION.dup) == Gem::Version.new('2.1.9')
-  gem "json", '= 2.0.4',                                         require: false if Gem::Requirement.create('~> 2.4.2').satisfied_by?(Gem::Version.new(RUBY_VERSION.dup))
-  gem "json", '= 2.1.0',                                         require: false if Gem::Requirement.create(['>= 2.5.0', '< 2.7.0']).satisfied_by?(Gem::Version.new(RUBY_VERSION.dup))
-  gem "rb-readline", '= 0.5.5',                                  require: false, platforms: [:mswin, :mingw, :x64_mingw]
-  gem "puppet-module-posix-default-r#{minor_version}", '~> 1.0', require: false, platforms: [:ruby]
-  gem "puppet-module-posix-dev-r#{minor_version}", '~> 1.0',     require: false, platforms: [:ruby]
-  gem "puppet-module-win-default-r#{minor_version}", '~> 1.0',   require: false, platforms: [:mswin, :mingw, :x64_mingw]
-  gem "puppet-module-win-dev-r#{minor_version}", '~> 1.0',       require: false, platforms: [:mswin, :mingw, :x64_mingw]
-  gem "puppet-lint-param-docs",                                  require: false
-  gem "faraday", '~> 1.0',                                       require: false
-  gem "github_changelog_generator",                              require: false
+  gem "voxpupuli-test", '5.4.1',    require: false
+  gem "faraday", '~> 1.0',          require: false
+  gem "github_changelog_generator", require: false
+  gem "puppet-blacksmith",          require: false
+  gem "puppet-strings",             require: false
 end
 group :system_tests do
-  gem "puppet-module-posix-system-r#{minor_version}", '~> 1.0',                  require: false, platforms: [:ruby]
-  gem "puppet-module-win-system-r#{minor_version}", '~> 1.0',                    require: false, platforms: [:mswin, :mingw, :x64_mingw]
   gem "beaker", *location_for(ENV['BEAKER_VERSION'] || '~> 4.29')
   gem "beaker-abs", *location_for(ENV['BEAKER_ABS_VERSION'] || '~> 0.1')
   gem "beaker-pe",                                                               require: false

Rakefile

@@ -1,8 +1,8 @@
 # frozen_string_literal: true
 
-require 'puppet_litmus/rake_tasks' if Bundler.rubygems.find_name('puppet_litmus').any?
 require 'puppetlabs_spec_helper/rake_tasks'
 require 'puppet-syntax/tasks/puppet-syntax'
+require 'beaker-rspec/rake_task' if Bundler.rubygems.find_name('beaker-rspec').any?
 require 'puppet_blacksmith/rake_tasks' if Bundler.rubygems.find_name('puppet-blacksmith').any?
 require 'github_changelog_generator/task' if Bundler.rubygems.find_name('github_changelog_generator').any?
 require 'puppet-strings/tasks' if Bundler.rubygems.find_name('puppet-strings').any?

lib/puppet_x/keycloak/type.rb

@@ -1,7 +1,7 @@
 # frozen_string_literal: true
 
 module PuppetX # rubocop:disable Style/ClassAndModuleChildren
-  module Keycloak # rubocop:disable Style/ClassAndModuleChildren
+  module Keycloak
     # Module for shared type configs
     module Type
       def add_autorequires(realm = true)

manifests/client_scope/oidc.pp

@@ -14,8 +14,7 @@
   String $realm,
   String $resource_name = $name,
 ) {
-
-  include ::keycloak
+  include keycloak
 
   keycloak_client_scope { $name:
     realm         => $realm,
@@ -47,5 +46,4 @@
     claim_name     => 'given_name',
     user_attribute => 'firstName',
   }
-
 }

manifests/client_scope/saml.pp

@@ -14,8 +14,7 @@
   String $realm,
   String $resource_name = $name,
 ) {
-
-  include ::keycloak
+  include keycloak
 
   keycloak_client_scope { $name:
     realm         => $realm,
@@ -29,7 +28,7 @@
     attribute_nameformat => 'uri',
     user_attribute       => 'username',
     friendly_name        => 'userid',
-    attribute_name       => 'urn:oid:0.9.2342.19200300.100.1.1'
+    attribute_name       => 'urn:oid:0.9.2342.19200300.100.1.1',
   }
 
   keycloak_protocol_mapper { "X500 email for ${name} on ${realm}":
@@ -38,7 +37,7 @@
     attribute_nameformat => 'uri',
     user_attribute       => 'email',
     friendly_name        => 'email',
-    attribute_name       => 'urn:oid:1.2.840.113549.1.9.1'
+    attribute_name       => 'urn:oid:1.2.840.113549.1.9.1',
   }
 
   keycloak_protocol_mapper { "X500 givenName for ${name} on ${realm}":
@@ -47,7 +46,7 @@
     attribute_nameformat => 'uri',
     user_attribute       => 'firstName',
     friendly_name        => 'givenName',
-    attribute_name       => 'urn:oid:2.5.4.42'
+    attribute_name       => 'urn:oid:2.5.4.42',
   }
 
   keycloak_protocol_mapper { "X500 surname for ${name} on ${realm}":
@@ -56,7 +55,7 @@
     attribute_nameformat => 'uri',
     user_attribute       => 'lastName',
     friendly_name        => 'surname',
-    attribute_name       => 'urn:oid:2.5.4.4'
+    attribute_name       => 'urn:oid:2.5.4.4',
   }
 
   keycloak_protocol_mapper { "role list for ${name} on ${realm}":
@@ -66,5 +65,4 @@
     attribute_nameformat => 'basic',
     attribute_name       => 'Role',
   }
-
 }

manifests/config.pp

@@ -29,10 +29,10 @@
     group     => $keycloak::group,
     mode      => '0600',
     content   => join([
-      '# File managed by Puppet',
-      "KEYCLOAK_ADMIN=${keycloak::admin_user}",
-      "KEYCLOAK_ADMIN_PASSWORD=${keycloak::admin_user_password}",
-      '',
+        '# File managed by Puppet',
+        "KEYCLOAK_ADMIN=${keycloak::admin_user}",
+        "KEYCLOAK_ADMIN_PASSWORD=${keycloak::admin_user_password}",
+        '',
     ], "\n"),
     show_diff => false,
   }

manifests/db/mysql.pp

@@ -18,5 +18,4 @@
       collate  => $keycloak::db_collate,
     }
   }
-
 }

manifests/freeipa_ldap_mappers.pp

@@ -17,62 +17,75 @@
 # @param parent_id
 #   Used to identify the parent LDAP user provider, name used with keycloak::freeipa_user_provider
 #
-define keycloak::freeipa_ldap_mappers
-(
-  String           $realm,
-  String           $groups_dn,
-  String           $roles_dn,
-  String           $parent_id = $title,
-)
-{
+define keycloak::freeipa_ldap_mappers (
+  String $realm,
+  String $groups_dn,
+  String $roles_dn,
+  String $parent_id = $title,
+) {
   $title_suffix = "for ${title}"
+  $defaults = {
+    ensure                      => 'present',
+    realm                       => $realm,
+    ldap                        => $parent_id,
+    always_read_value_from_ldap => true,
+    read_only                   => true,
+  }
+
+  keycloak_ldap_mapper { "cn ${title_suffix}":
+    *                    => $defaults,
+    ldap_attribute       => 'cn',
+    user_model_attribute => 'cn',
+    is_mandatory_in_ldap => true,
+  }
+
+  keycloak_ldap_mapper { "displayName ${title_suffix}":
+    *                    => $defaults,
+    ldap_attribute       => 'displayName',
+    user_model_attribute => 'displayName',
+    is_mandatory_in_ldap => true,
+  }
+
+  keycloak_ldap_mapper { "email ${title_suffix}":
+    *                    => $defaults,
+    ldap_attribute       => 'mail',
+    user_model_attribute => 'email',
+    is_mandatory_in_ldap => true,
+  }
 
-  # This translates to parentId in JSON and must be correct or hard-to-debug
-  # issues will ensue.
+  keycloak_ldap_mapper { "first name ${title_suffix}":
+    *                    => $defaults,
+    ldap_attribute       => 'givenName',
+    user_model_attribute => 'firstName',
+    is_mandatory_in_ldap => true,
+  }
+
+  keycloak_ldap_mapper { "last name ${title_suffix}":
+    *                    => $defaults,
+    ldap_attribute       => 'sn',
+    user_model_attribute => 'lastName',
+    is_mandatory_in_ldap => true,
+  }
+
+  keycloak_ldap_mapper { "username ${title_suffix}":
+    *                    => $defaults,
+    ldap_attribute       => 'uid',
+    user_model_attribute => 'username',
+    is_mandatory_in_ldap => true,
+  }
+
+  keycloak_ldap_mapper { "modify date ${title_suffix}":
+    *                    => $defaults,
+    ldap_attribute       => 'modifyTimestamp',
+    user_model_attribute => 'modifyTimestamp',
+    is_mandatory_in_ldap => false,
+  }
 
-  keycloak_ldap_mapper {
-    default:
-      ensure                      => 'present',
-      realm                       => $realm,
-      ldap                        => $parent_id,
-      always_read_value_from_ldap => true,
-      read_only                   => true,
-      is_mandatory_in_ldap        => true,
-    ;
-    ["cn ${title_suffix}"]:
-      ldap_attribute       => 'cn',
-      user_model_attribute => 'cn',
-    ;
-    ["displayName ${title_suffix}"]:
-      ldap_attribute       => 'displayName',
-      user_model_attribute => 'displayName',
-    ;
-    ["email ${title_suffix}"]:
-      ldap_attribute       => 'mail',
-      user_model_attribute => 'email',
-    ;
-    ["first name ${title_suffix}"]:
-      ldap_attribute       => 'givenName',
-      user_model_attribute => 'firstName',
-    ;
-    ["last name ${title_suffix}"]:
-      ldap_attribute       => 'sn',
-      user_model_attribute => 'lastName',
-    ;
-    ["username ${title_suffix}"]:
-      ldap_attribute       => 'uid',
-      user_model_attribute => 'username',
-    ;
-    ["modify date ${title_suffix}"]:
-      is_mandatory_in_ldap => false,
-      ldap_attribute       => 'modifyTimestamp',
-      user_model_attribute => 'modifyTimestamp',
-    ;
-    ["creation date ${title_suffix}"]:
-      is_mandatory_in_ldap => false,
-      ldap_attribute       => 'createTimestamp',
-      user_model_attribute => 'createTimestamp',
-    ;
+  keycloak_ldap_mapper { "creation date ${title_suffix}":
+    *                    => $defaults,
+    ldap_attribute       => 'createTimestamp',
+    user_model_attribute => 'createTimestamp',
+    is_mandatory_in_ldap => false,
   }
 
   keycloak_ldap_mapper { "roles ${title_suffix}":

manifests/freeipa_user_provider.pp

@@ -34,21 +34,19 @@
 # @param changed_sync_period
 #   Synchronize changed users this often (changedSyncPeriod)
 #
-define keycloak::freeipa_user_provider
-(
-  String                    $realm,
-  String                    $bind_dn,
-  String                    $bind_credential,
-  String                    $users_dn,
+define keycloak::freeipa_user_provider (
+  String $realm,
+  String $bind_dn,
+  String $bind_credential,
+  String $users_dn,
   Enum['present', 'absent'] $ensure = 'present',
-  Optional[String]          $id = undef,
-  Stdlib::Host              $ipa_host = $title,
-  Integer                   $priority = 10,
-  Boolean                   $ldaps = false,
-  Optional[Integer]         $full_sync_period = undef,
-  Optional[Integer]         $changed_sync_period = undef
-)
-{
+  Optional[String] $id = undef,
+  Stdlib::Host $ipa_host = $title,
+  Integer $priority = 10,
+  Boolean $ldaps = false,
+  Optional[Integer] $full_sync_period = undef,
+  Optional[Integer] $changed_sync_period = undef
+) {
   if $ldaps {
     $connection_url = "ldaps://${ipa_host}:636"
   }

manifests/init.pp

@@ -209,8 +209,7 @@
 class keycloak (
   Boolean $manage_install       = true,
   String $version               = '19.0.3',
-  Optional[Variant[Stdlib::HTTPUrl, Stdlib::HTTPSUrl]]
-    $package_url                = undef,
+  Optional[Variant[Stdlib::HTTPUrl, Stdlib::HTTPSUrl]] $package_url= undef,
   Optional[Stdlib::Absolutepath] $install_dir = undef,
   Enum['include','class'] $java_declare_method = 'class',
   String[1] $java_package = 'java-11-openjdk-devel',
@@ -284,8 +283,7 @@
   Boolean $ldap_user_providers_merge = false,
   Boolean $flow_executions_merge = false,
   Boolean $with_sssd_support = false,
-  Variant[Stdlib::HTTPUrl, Stdlib::HTTPSUrl]
-    $libunix_dbus_java_source = 'https://github.com/keycloak/libunix-dbus-java/archive/libunix-dbus-java-0.8.0.tar.gz',
+  Variant[Stdlib::HTTPUrl, Stdlib::HTTPSUrl] $libunix_dbus_java_source = 'https://github.com/keycloak/libunix-dbus-java/archive/libunix-dbus-java-0.8.0.tar.gz',
   Boolean $install_libunix_dbus_java_build_dependencies = true,
   Array $libunix_dbus_java_build_dependencies = [],
   Stdlib::Absolutepath $libunix_dbus_java_libdir = '/usr/lib64',
@@ -299,7 +297,6 @@
   Optional[Variant[String, Array]] $custom_config_source = undef,
   String $validator_test_url = '/realms/master/.well-known/openid-configuration',
 ) {
-
   if ! ($facts['os']['family'] in ['RedHat','Debian']) {
     fail("Unsupported osfamily: ${facts['os']['family']}, module ${module_name} only support osfamilies Debian and Redhat")
   }
@@ -391,7 +388,7 @@
 
   if $db in ['mysql','mariadb','postgres'] {
     contain "keycloak::db::${db}"
-    Class["keycloak::db::${db}"]~>Class['keycloak::service']
+    Class["keycloak::db::${db}"] ~> Class['keycloak::service']
   }
 
   if $with_sssd_support {
@@ -409,5 +406,4 @@
   }
 
   include keycloak::resources
-
 }

manifests/install.pp

@@ -23,8 +23,8 @@
     }
   }
 
-  if $::keycloak::manage_install {
-    file { $::keycloak::install_base:
+  if $keycloak::manage_install {
+    file { $keycloak::install_base:
       ensure => 'directory',
       owner  => $keycloak::user,
       group  => $keycloak::group,
@@ -34,19 +34,19 @@
       ensure          => 'present',
       extract         => true,
       path            => "/tmp/keycloak-${keycloak::version}.tar.gz",
-      extract_path    => $::keycloak::install_base,
+      extract_path    => $keycloak::install_base,
       extract_command => 'tar xfz %s --strip-components=1',
       source          => $keycloak::download_url,
-      creates         => "${::keycloak::install_base}/bin",
+      creates         => "${keycloak::install_base}/bin",
       cleanup         => true,
       user            => $keycloak::user,
       group           => $keycloak::group,
     }
   } else {
     # Set permissions properly when using a package
     exec { 'ensure-keycloak-dir-owner':
-      command => "chown -R ${::keycloak::user}:${::keycloak::group} ${::keycloak::install_base}",
-      unless  => "test `stat -c %U ${::keycloak::install_base}` = ${::keycloak::user}",
+      command => "chown -R ${keycloak::user}:${keycloak::group} ${keycloak::install_base}",
+      unless  => "test `stat -c %U ${keycloak::install_base}` = ${keycloak::user}",
       path    => ['/bin','/usr/bin'],
     }
   }

manifests/service.pp

@@ -14,5 +14,4 @@
     hasstatus  => true,
     hasrestart => true,
   }
-
 }

manifests/spi_deployment.pp

@@ -98,5 +98,4 @@
       notify  => Class['keycloak::service'],
     }
   }
-
 }