From b11dad00b9392a737159c9bb14a8a375a2b2eebd Mon Sep 17 00:00:00 2001
From: treydock <tdockendorf@osc.edu>
Date: Wed, 5 Apr 2023 09:53:14 -0400
Subject: [PATCH] Default to Keycloak 21.0.1 and Use OpenJDK 17 where possible
 (#283)

* Default to Keycloak 21.0.1
Use OpenJDK 17 where possible

* For mappers test download jar from osc-keycloak-scripts release page
---
 .github/workflows/ci.yaml                         |  13 ++-----------
 .sync.yml                                         |  13 ++-----------
 README.md                                         |   1 +
 data/os/Debian.yaml                               |   8 ++++----
 data/os/Debian/10.yaml                            |   4 ++++
 data/os/RedHat.yaml                               |   8 ++++----
 data/os/RedHat/7.yaml                             |   4 ++++
 manifests/init.pp                                 |   2 +-
 spec/acceptance/6_protocol_mapper_spec.rb         |   6 +++---
 spec/classes/init_spec.rb                         |   2 +-
 spec/defines/freeipa_ldap_mappers_spec.rb         |   1 -
 spec/defines/freeipa_user_provider_spec.rb        |   1 -
 spec/defines/spi_deployment_spec.rb               |   2 +-
 spec/fixtures/mappers.jar                         | Bin 683 -> 0 bytes
 .../mappers/META-INF/keycloak-scripts.json        |  12 ------------
 spec/fixtures/mappers/x500-displayName.js         |   1 -
 spec/spec_helper_acceptance_setup.rb              |   3 +--
 17 files changed, 28 insertions(+), 53 deletions(-)
 create mode 100644 data/os/Debian/10.yaml
 create mode 100644 data/os/RedHat/7.yaml
 delete mode 100644 spec/fixtures/mappers.jar
 delete mode 100644 spec/fixtures/mappers/META-INF/keycloak-scripts.json
 delete mode 100644 spec/fixtures/mappers/x500-displayName.js

diff --git a/.github/workflows/ci.yaml b/.github/workflows/ci.yaml
index 58d65cb6..3461100b 100644
--- a/.github/workflows/ci.yaml
+++ b/.github/workflows/ci.yaml
@@ -69,24 +69,15 @@ jobs:
           - "puppet6"
           - "puppet7"
         keycloak_version:
-          - "19.0.3"
           - "21.0.1"
         keycloak_full:
           - "no"
         include:
-          - set: "el7"
-            puppet: "puppet6"
-            keycloak_version: "19.0.3"
-            keycloak_full: "yes"
-          - set: "el7"
-            puppet: "puppet7"
-            keycloak_version: "19.0.3"
-            keycloak_full: "yes"
-          - set: "el7"
+          - set: "el8"
             puppet: "puppet6"
             keycloak_version: "21.0.1"
             keycloak_full: "yes"
-          - set: "el7"
+          - set: "el8"
             puppet: "puppet7"
             keycloak_version: "21.0.1"
             keycloak_full: "yes"
diff --git a/.sync.yml b/.sync.yml
index a78a8aa9..50f0c930 100644
--- a/.sync.yml
+++ b/.sync.yml
@@ -27,23 +27,14 @@ Rakefile:
       - puppet6
       - puppet7
     keycloak_version:
-      - '19.0.3'
       - '21.0.1'
     keycloak_full: ['no']
   acceptance_includes:
-    - set: el7
-      puppet: puppet6
-      keycloak_version: 19.0.3
-      keycloak_full: 'yes'
-    - set: el7
-      puppet: puppet7
-      keycloak_version: 19.0.3
-      keycloak_full: 'yes'
-    - set: el7
+    - set: el8
       puppet: puppet6
       keycloak_version: 21.0.1
       keycloak_full: 'yes'
-    - set: el7
+    - set: el8
       puppet: puppet7
       keycloak_version: 21.0.1
       keycloak_full: 'yes'
diff --git a/README.md b/README.md
index 2082e2e5..eaa99830 100644
--- a/README.md
+++ b/README.md
@@ -173,6 +173,7 @@ This module may work on earlier versions but this is the only version tested.
 | 12.x - 16.x      | 7.x                             |
 | 18.x             | 8.x                             |
 | 19.x - 21.x      | 9.x                             |
+| 21.x             | 10.x                            |
 
 ## Usage
 
diff --git a/data/os/Debian.yaml b/data/os/Debian.yaml
index 71a7b2da..f17a5550 100644
--- a/data/os/Debian.yaml
+++ b/data/os/Debian.yaml
@@ -1,9 +1,9 @@
 ---
 keycloak::java_declare_method: include
-keycloak::java_package: openjdk-11-jdk
-keycloak::java_home: /usr/lib/jvm/java-1.11.0-openjdk-amd64/
-keycloak::java_alternative_path: /usr/lib/jvm/java-1.11.0-openjdk-amd64/bin/java
-keycloak::java_alternative: java-1.11.0-openjdk-amd64
+keycloak::java_package: openjdk-17-jdk
+keycloak::java_home: /usr/lib/jvm/java-1.17.0-openjdk-amd64/
+keycloak::java_alternative_path: /usr/lib/jvm/java-1.17.0-openjdk-amd64/bin/java
+keycloak::java_alternative: java-1.17.0-openjdk-amd64
 keycloak::user_shell: '/usr/sbin/nologin'
 keycloak::libunix_dbus_java_build_dependencies:
   - 'zlib1g-dev'
diff --git a/data/os/Debian/10.yaml b/data/os/Debian/10.yaml
new file mode 100644
index 00000000..1877e0af
--- /dev/null
+++ b/data/os/Debian/10.yaml
@@ -0,0 +1,4 @@
+keycloak::java_package: openjdk-11-jdk
+keycloak::java_home: /usr/lib/jvm/java-1.11.0-openjdk-amd64/
+keycloak::java_alternative_path: /usr/lib/jvm/java-1.11.0-openjdk-amd64/bin/java
+keycloak::java_alternative: java-1.11.0-openjdk-amd64
diff --git a/data/os/RedHat.yaml b/data/os/RedHat.yaml
index 38a99bc7..09734199 100644
--- a/data/os/RedHat.yaml
+++ b/data/os/RedHat.yaml
@@ -1,8 +1,8 @@
 ---
-keycloak::java_package: java-11-openjdk-devel
-keycloak::java_home: /usr/lib/jvm/java-11-openjdk/
-keycloak::java_alternative_path: /usr/lib/jvm/java-11-openjdk/bin/java
-keycloak::java_alternative: /usr/lib/jvm/java-11-openjdk/bin/java
+keycloak::java_package: java-17-openjdk-devel
+keycloak::java_home: /usr/lib/jvm/java-17-openjdk/
+keycloak::java_alternative_path: /usr/lib/jvm/java-17-openjdk/bin/java
+keycloak::java_alternative: /usr/lib/jvm/java-17-openjdk/bin/java
 keycloak::user_shell: '/sbin/nologin'
 keycloak::libunix_dbus_java_build_dependencies:
   - 'which'
diff --git a/data/os/RedHat/7.yaml b/data/os/RedHat/7.yaml
new file mode 100644
index 00000000..518e83df
--- /dev/null
+++ b/data/os/RedHat/7.yaml
@@ -0,0 +1,4 @@
+keycloak::java_package: java-11-openjdk-devel
+keycloak::java_home: /usr/lib/jvm/java-11-openjdk/
+keycloak::java_alternative_path: /usr/lib/jvm/java-11-openjdk/bin/java
+keycloak::java_alternative: /usr/lib/jvm/java-11-openjdk/bin/java
diff --git a/manifests/init.pp b/manifests/init.pp
index fee0075b..7d5068b0 100644
--- a/manifests/init.pp
+++ b/manifests/init.pp
@@ -209,7 +209,7 @@
 #   Only necessary to set if the URL path to Keycloak is modified
 class keycloak (
   Boolean $manage_install       = true,
-  String $version               = '19.0.3',
+  String $version               = '21.0.1',
   Optional[Variant[Stdlib::HTTPUrl, Stdlib::HTTPSUrl]] $package_url= undef,
   Optional[Stdlib::Absolutepath] $install_dir = undef,
   Enum['include','class'] $java_declare_method = 'class',
diff --git a/spec/acceptance/6_protocol_mapper_spec.rb b/spec/acceptance/6_protocol_mapper_spec.rb
index 064abfec..cafcb447 100644
--- a/spec/acceptance/6_protocol_mapper_spec.rb
+++ b/spec/acceptance/6_protocol_mapper_spec.rb
@@ -168,9 +168,9 @@ class { 'keycloak': }
       class { 'keycloak':
         features => ['scripts'],
       }
-      keycloak::spi_deployment { 'mappers':
-        deployed_name => 'mappers.jar',
-        source        => 'file:///tmp/mappers.jar',
+      keycloak::spi_deployment { 'osc-keycloak-scripts':
+        deployed_name => 'osc-keycloak-scripts-jar-with-dependencies.jar',
+        source        => 'https://github.com/OSC/osc-keycloak-scripts/releases/download/1.0.0/osc-keycloak-scripts-jar-with-dependencies.jar',
       }
       keycloak_realm { 'test': ensure => 'present' }
       keycloak_client_scope { 'saml on test':
diff --git a/spec/classes/init_spec.rb b/spec/classes/init_spec.rb
index 13bc82c0..96180a1c 100644
--- a/spec/classes/init_spec.rb
+++ b/spec/classes/init_spec.rb
@@ -8,7 +8,7 @@
       let(:facts) do
         facts.merge(concat_basedir: '/dne')
       end
-      let(:version) { '19.0.3' }
+      let(:version) { '21.0.1' }
 
       case facts[:osfamily]
       when %r{RedHat}
diff --git a/spec/defines/freeipa_ldap_mappers_spec.rb b/spec/defines/freeipa_ldap_mappers_spec.rb
index 6df2ad11..5f86c09f 100644
--- a/spec/defines/freeipa_ldap_mappers_spec.rb
+++ b/spec/defines/freeipa_ldap_mappers_spec.rb
@@ -5,7 +5,6 @@
 describe 'keycloak::freeipa_ldap_mappers' do
   on_supported_os.each do |os, _facts|
     context "on #{os}" do
-      let(:version) { '12.0.4' }
       let(:title) { 'ipa.example.org' }
       let(:params) do
         {
diff --git a/spec/defines/freeipa_user_provider_spec.rb b/spec/defines/freeipa_user_provider_spec.rb
index 575704bd..6cc58f07 100644
--- a/spec/defines/freeipa_user_provider_spec.rb
+++ b/spec/defines/freeipa_user_provider_spec.rb
@@ -5,7 +5,6 @@
 describe 'keycloak::freeipa_user_provider' do
   on_supported_os.each do |os, _facts|
     context "on #{os}" do
-      let(:version) { '12.0.4' }
       let(:title) { 'ipa.example.org' }
       let(:default_params) do
         {
diff --git a/spec/defines/spi_deployment_spec.rb b/spec/defines/spi_deployment_spec.rb
index 25fb3c3e..d479e681 100644
--- a/spec/defines/spi_deployment_spec.rb
+++ b/spec/defines/spi_deployment_spec.rb
@@ -8,7 +8,7 @@
       let(:facts) do
         facts.merge(concat_basedir: '/dne')
       end
-      let(:version) { '19.0.3' }
+      let(:version) { '21.0.1' }
       let(:title) { 'duo-spi' }
       let(:params) { { deployed_name: 'keycloak-duo-spi-jar-with-dependencies.jar', source: 'https://example.com/files/keycloak-duo-spi-jar-with-dependencies.jar' } }
 
diff --git a/spec/fixtures/mappers.jar b/spec/fixtures/mappers.jar
deleted file mode 100644
index 7c6dfabca4b76364176181529ba2a3fa958415e6..0000000000000000000000000000000000000000
GIT binary patch
literal 0
HcmV?d00001

literal 683
zcmWIWW@h1H0D;WV_)stdN^mmBF!;KLIO=-(x#@?7a56Bn-j7cf0OHaLZU#mc_3t{W
zEX#Y1bpwD#hyXQlfQ@K)G)JHY$h!u_a>zzxr&cEC<R@n97AF^F7L*k0WfkY=!OaDk
zjb?7{nf+Xc9C(g@{5wzS&K)mtars4?6=V;YCO!Fgan6D%`*vprRyj|<|KV)=8MXtD
zR@-QZl|@`q`Np(;VPv)6JlWt-re{8;f;{`yt}<(=jNa?Uv*c>r`B-*k?{7a|UcdI|
z=v>>c_Fu!UhQ0bSMYc~R?@^4!(Zl_-qf6K~&(KHsDG?YfIu9<1ssjCE0K~#TKUJ6-
z80e;C78m3sR{AC8rUJbJ_Q<z;@yXwT7|kQvx_-Ksy!~|xPwQyuee^!#d-X!dg|Gm2
zr`*<{6?6QRd``{cW(e?RWRhdX6%`Udn?XQ;;jJTxMv53#NW`Go2{8^=v_Onw1RAuY
t(HYq|9FauW4$NRewnH3f71lrl8Vm|F49Bywfqcmfggij4ogkMo004*P!$$xB

diff --git a/spec/fixtures/mappers/META-INF/keycloak-scripts.json b/spec/fixtures/mappers/META-INF/keycloak-scripts.json
deleted file mode 100644
index e0bb8cd1..00000000
--- a/spec/fixtures/mappers/META-INF/keycloak-scripts.json
+++ /dev/null
@@ -1,12 +0,0 @@
-{
-  "authenticators": [],
-  "policies": [],
-  "mappers": [],
-  "saml-mappers": [
-    {
-      "name": "X500 displayName",
-      "fileName": "x500-displayName.js",
-      "description": "X500 displayName"
-    }
-  ]
-}
diff --git a/spec/fixtures/mappers/x500-displayName.js b/spec/fixtures/mappers/x500-displayName.js
deleted file mode 100644
index e4c52424..00000000
--- a/spec/fixtures/mappers/x500-displayName.js
+++ /dev/null
@@ -1 +0,0 @@
-user.getFirstName() + ' ' + user.getLastName();
diff --git a/spec/spec_helper_acceptance_setup.rb b/spec/spec_helper_acceptance_setup.rb
index ba873240..adc760d4 100644
--- a/spec/spec_helper_acceptance_setup.rb
+++ b/spec/spec_helper_acceptance_setup.rb
@@ -3,7 +3,7 @@
 RSpec.configure do |c|
   c.add_setting :keycloak_version
   keycloak_version = if ENV['BEAKER_keycloak_version'].nil? || ENV['BEAKER_keycloak_version'].empty?
-                       '19.0.3'
+                       '21.0.1'
                      else
                        ENV['BEAKER_keycloak_version']
                      end
@@ -14,7 +14,6 @@
 
 proj_root = File.expand_path(File.join(File.dirname(__FILE__), '..'))
 scp_to(hosts, File.join(proj_root, 'spec/fixtures/DuoUniversalKeycloakAuthenticator-jar-with-dependencies.jar'), '/tmp/DuoUniversalKeycloakAuthenticator-jar-with-dependencies.jar')
-scp_to(hosts, File.join(proj_root, 'spec/fixtures/mappers.jar'), '/tmp/mappers.jar')
 
 hiera_yaml = <<-HIERA_YAML
 ---