Metaunix
/
puppet-nslcd
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Upgrade module to version 0.4.2 (see changelog)

This commit is contained in:
geekix 2021-11-06 12:36:59 +01:00
parent c63004c8fe
commit 8b46443435
37 changed files with 1065 additions and 317 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

6
.devcontainer/Dockerfile Normal file
View File

@ -0,0 +1,6 @@
FROM puppet/pdk:latest
# [Optional] Uncomment this section to install additional packages.
# RUN apt-get update && export DEBIAN_FRONTEND=noninteractive \
# && apt-get -y install --no-install-recommends <your-package-list-here>

34
.devcontainer/README.md Normal file
View File

@ -0,0 +1,34 @@
# devcontainer
For format details, see https://aka.ms/devcontainer.json.
For config options, see the README at:
https://github.com/microsoft/vscode-dev-containers/tree/v0.140.1/containers/puppet
``` json
{
"name": "Puppet Development Kit (Community)",
"dockerFile": "Dockerfile",
// Set *default* container specific settings.json values on container create.
"settings": {
"terminal.integrated.shell.linux": "/bin/bash"
},
// Add the IDs of extensions you want installed when the container is created.
"extensions": [
"puppet.puppet-vscode",
"rebornix.Ruby"
]
// Use 'forwardPorts' to make a list of ports inside the container available locally.
"forwardPorts": [],
// Use 'postCreateCommand' to run commands after the container is created.
"postCreateCommand": "pdk --version",
}
```

17
.devcontainer/devcontainer.json Normal file
View File

@ -0,0 +1,17 @@
{
"name": "Puppet Development Kit (Community)",
"dockerFile": "Dockerfile",
"settings": {
"terminal.integrated.profiles.linux": {
"bash": {
"path": "bash",
}
}
},
"extensions": [
"puppet.puppet-vscode",
"rebornix.Ruby"
]
}

9
.fixtures.yml
View File

@ -1,5 +1,6 @@
# This file can be used to install module dependencies for unit testing
# See https://github.com/puppetlabs/puppetlabs_spec_helper#using-fixtures for details
---
fixtures:
repositories:
"stdlib": "git://github.com/puppetlabs/puppetlabs-stdlib.git"
symlinks:
"nslcd": "#{source_dir}"
forge_modules:
# stdlib: "puppetlabs/stdlib"

5
.gitattributes vendored Normal file
View File

@ -0,0 +1,5 @@
*.rb eol=lf
*.erb eol=lf
*.pp eol=lf
*.sh eol=lf
*.epp eol=lf

4
.gitignore vendored
View File

@ -22,3 +22,7 @@
/convert_report.txt
/update_report.txt
.DS_Store
.project
.envrc
/inventory.yaml
/spec/fixtures/litmus_inventory.yaml

62
.gitlab-ci.yml
View File

@ -3,39 +3,51 @@ stages:
- syntax
- unit
cache:
paths:
- vendor/bundle
default:
cache:
paths:
- vendor/bundle
before_script:
- bundle -v
- rm Gemfile.lock || true
- gem update --system
- gem --version
- bundle -v
- bundle install --without system_tests --path vendor/bundle --jobs $(nproc)
before_script: &before_script
- bundle -v
- rm Gemfile.lock || true
- "# Update system gems if requested. This is useful to temporarily workaround troubles in the test runner"
- "# Set `rubygems_version` in the .sync.yml to set a value"
- "# Ignore exit code of SIGPIPE'd yes to not fail with shell's pipefail set"
- '[ -z "$RUBYGEMS_VERSION" ] || (yes || true) | gem update --system $RUBYGEMS_VERSION'
- gem --version
- bundle -v
- bundle install --without system_tests --path vendor/bundle --jobs $(nproc)
parallel_spec-Ruby 2.1.9-Puppet ~> 4.0:
stage: unit
image: ruby:2.1.9
script:
- bundle exec rake parallel_spec
variables:
PUPPET_GEM_VERSION: '~> 4.0'
syntax lint metadata_lint check:symlinks check:git_ignore check:dot_underscore check:test_file rubocop-Ruby 2.4.4-Puppet ~> 5.5:
validate lint check rubocop-Ruby 2.5.7-Puppet ~> 6:
stage: syntax
image: ruby:2.4.4
image: ruby:2.5.7
script:
- bundle exec rake syntax lint metadata_lint check:symlinks check:git_ignore check:dot_underscore check:test_file rubocop
- bundle exec rake validate lint check rubocop
variables:
PUPPET_GEM_VERSION: '~> 5.5'
PUPPET_GEM_VERSION: '~> 6'
parallel_spec-Ruby 2.4.4-Puppet ~> 5.5:
parallel_spec-Ruby 2.5.7-Puppet ~> 6:
stage: unit
image: ruby:2.4.4
image: ruby:2.5.7
script:
- bundle exec rake parallel_spec
variables:
PUPPET_GEM_VERSION: '~> 5.5'
PUPPET_GEM_VERSION: '~> 6'
validate lint check rubocop-Ruby 2.7.2-Puppet ~> 7:
stage: syntax
image: ruby:2.7.2
script:
- bundle exec rake validate lint check rubocop
variables:
PUPPET_GEM_VERSION: '~> 7'
parallel_spec-Ruby 2.7.2-Puppet ~> 7:
stage: unit
image: ruby:2.7.2
script:
- bundle exec rake parallel_spec
variables:
PUPPET_GEM_VERSION: '~> 7'

23
.pdkignore
View File

@ -22,3 +22,26 @@
/convert_report.txt
/update_report.txt
.DS_Store
.project
.envrc
/inventory.yaml
/spec/fixtures/litmus_inventory.yaml
/appveyor.yml
/.editorconfig
/.fixtures.yml
/Gemfile
/.gitattributes
/.gitignore
/.gitlab-ci.yml
/.pdkignore
/.puppet-lint.rc
/Rakefile
/rakelib/
/.rspec
/.rubocop.yml
/.travis.yml
/.yardopts
/spec/
/.vscode/
/.sync.yml
/.devcontainer/

1
.puppet-lint.rc Normal file
View File

@ -0,0 +1 @@
--relative

413
.rubocop.yml
View File

@ -1,10 +1,12 @@
---
require: rubocop-rspec
require:
- rubocop-performance
- rubocop-rspec
AllCops:
DisplayCopNames: true
TargetRubyVersion: '2.1'
TargetRubyVersion: '2.4'
Include:
- "./**/*.rb"
- "**/*.rb"
Exclude:
- bin/*
- ".vendor/**/*"
@ -16,7 +18,7 @@ AllCops:
- "**/Puppetfile"
- "**/Vagrantfile"
- "**/Guardfile"
Metrics/LineLength:
Layout/LineLength:
Description: People have wide screens, use them.
Max: 200
RSpec/BeforeAfterAll:
@ -27,6 +29,9 @@ RSpec/BeforeAfterAll:
RSpec/HookArgument:
Description: Prefer explicit :each argument, matching existing module's style
EnforcedStyle: each
RSpec/DescribeSymbol:
Exclude:
- spec/unit/facter/**/*.rb
Style/BlockDelimiters:
Description: Prefer braces for chaining. Mostly an aesthetical choice. Better to
be consistent then.
@ -59,7 +64,7 @@ Style/TrailingCommaInArguments:
Description: Prefer always trailing comma on multiline argument lists. This makes
diffs, and re-ordering nicer.
EnforcedStyleForMultiline: comma
Style/TrailingCommaInLiteral:
Style/TrailingCommaInArrayLiteral:
Description: Prefer always trailing comma on multiline literals. This makes diffs,
and re-ordering nicer.
EnforcedStyleForMultiline: comma
@ -74,20 +79,170 @@ Style/Documentation:
- spec/**/*
Style/WordArray:
EnforcedStyle: brackets
Performance/AncestorsInclude:
Enabled: true
Performance/BigDecimalWithNumericArgument:
Enabled: true
Performance/BlockGivenWithExplicitBlock:
Enabled: true
Performance/CaseWhenSplat:
Enabled: true
Performance/ConstantRegexp:
Enabled: true
Performance/MethodObjectAsBlock:
Enabled: true
Performance/RedundantSortBlock:
Enabled: true
Performance/RedundantStringChars:
Enabled: true
Performance/ReverseFirst:
Enabled: true
Performance/SortReverse:
Enabled: true
Performance/Squeeze:
Enabled: true
Performance/StringInclude:
Enabled: true
Performance/Sum:
Enabled: true
Style/CollectionMethods:
Enabled: true
Style/MethodCalledOnDoEndBlock:
Enabled: true
Style/StringMethods:
Enabled: true
Bundler/InsecureProtocolSource:
Enabled: false
Gemspec/DuplicatedAssignment:
Enabled: false
Gemspec/OrderedDependencies:
Enabled: false
Gemspec/RequiredRubyVersion:
Enabled: false
Gemspec/RubyVersionGlobalsUsage:
Enabled: false
Layout/ArgumentAlignment:
Enabled: false
Layout/BeginEndAlignment:
Enabled: false
Layout/ClosingHeredocIndentation:
Enabled: false
Layout/EmptyComment:
Enabled: false
Layout/EmptyLineAfterGuardClause:
Enabled: false
Layout/EmptyLinesAroundArguments:
Enabled: false
Layout/EmptyLinesAroundAttributeAccessor:
Enabled: false
Layout/EndOfLine:
Enabled: false
Layout/FirstArgumentIndentation:
Enabled: false
Layout/HashAlignment:
Enabled: false
Layout/HeredocIndentation:
Enabled: false
Layout/LeadingEmptyLines:
Enabled: false
Layout/SpaceAroundMethodCallOperator:
Enabled: false
Layout/SpaceInsideArrayLiteralBrackets:
Enabled: false
Layout/SpaceInsideReferenceBrackets:
Enabled: false
Lint/BigDecimalNew:
Enabled: false
Lint/BooleanSymbol:
Enabled: false
Lint/ConstantDefinitionInBlock:
Enabled: false
Lint/DeprecatedOpenSSLConstant:
Enabled: false
Lint/DisjunctiveAssignmentInConstructor:
Enabled: false
Lint/DuplicateElsifCondition:
Enabled: false
Lint/DuplicateRequire:
Enabled: false
Lint/DuplicateRescueException:
Enabled: false
Lint/EmptyConditionalBody:
Enabled: false
Lint/EmptyFile:
Enabled: false
Lint/ErbNewArguments:
Enabled: false
Lint/FloatComparison:
Enabled: false
Lint/HashCompareByIdentity:
Enabled: false
Lint/IdentityComparison:
Enabled: false
Lint/InterpolationCheck:
Enabled: false
Lint/MissingCopEnableDirective:
Enabled: false
Lint/MixedRegexpCaptureTypes:
Enabled: false
Lint/NestedPercentLiteral:
Enabled: false
Lint/NonDeterministicRequireOrder:
Enabled: false
Lint/OrderedMagicComments:
Enabled: false
Lint/OutOfRangeRegexpRef:
Enabled: false
Lint/RaiseException:
Enabled: false
Lint/RedundantCopEnableDirective:
Enabled: false
Lint/RedundantRequireStatement:
Enabled: false
Lint/RedundantSafeNavigation:
Enabled: false
Lint/RedundantWithIndex:
Enabled: false
Lint/RedundantWithObject:
Enabled: false
Lint/RegexpAsCondition:
Enabled: false
Lint/ReturnInVoidContext:
Enabled: false
Lint/SafeNavigationConsistency:
Enabled: false
Lint/SafeNavigationWithEmpty:
Enabled: false
Lint/SelfAssignment:
Enabled: false
Lint/SendWithMixinArgument:
Enabled: false
Lint/ShadowedArgument:
Enabled: false
Lint/StructNewOverride:
Enabled: false
Lint/ToJSON:
Enabled: false
Lint/TopLevelReturnWithArgument:
Enabled: false
Lint/TrailingCommaInAttributeDeclaration:
Enabled: false
Lint/UnreachableLoop:
Enabled: false
Lint/UriEscapeUnescape:
Enabled: false
Lint/UriRegexp:
Enabled: false
Lint/UselessMethodDefinition:
Enabled: false
Lint/UselessTimes:
Enabled: false
Metrics/AbcSize:
Enabled: false
Metrics/BlockLength:
Enabled: false
Metrics/BlockNesting:
Enabled: false
Metrics/ClassLength:
Enabled: false
Metrics/CyclomaticComplexity:
@ -100,19 +255,265 @@ Metrics/ParameterLists:
Enabled: false
Metrics/PerceivedComplexity:
Enabled: false
Migration/DepartmentName:
Enabled: false
Naming/AccessorMethodName:
Enabled: false
Naming/BlockParameterName:
Enabled: false
Naming/HeredocDelimiterCase:
Enabled: false
Naming/HeredocDelimiterNaming:
Enabled: false
Naming/MemoizedInstanceVariableName:
Enabled: false
Naming/MethodParameterName:
Enabled: false
Naming/RescuedExceptionsVariableName:
Enabled: false
Naming/VariableNumber:
Enabled: false
Performance/BindCall:
Enabled: false
Performance/DeletePrefix:
Enabled: false
Performance/DeleteSuffix:
Enabled: false
Performance/InefficientHashSearch:
Enabled: false
Performance/UnfreezeString:
Enabled: false
Performance/UriDefaultParser:
Enabled: false
RSpec/Be:
Enabled: false
RSpec/Capybara/CurrentPathExpectation:
Enabled: false
RSpec/Capybara/FeatureMethods:
Enabled: false
RSpec/Capybara/VisibilityMatcher:
Enabled: false
RSpec/ContextMethod:
Enabled: false
RSpec/ContextWording:
Enabled: false
RSpec/DescribeClass:
Enabled: false
RSpec/EmptyHook:
Enabled: false
RSpec/EmptyLineAfterExample:
Enabled: false
RSpec/EmptyLineAfterExampleGroup:
Enabled: false
RSpec/EmptyLineAfterHook:
Enabled: false
RSpec/ExampleLength:
Enabled: false
RSpec/MessageExpectation:
RSpec/ExampleWithoutDescription:
Enabled: false
RSpec/ExpectChange:
Enabled: false
RSpec/ExpectInHook:
Enabled: false
RSpec/FactoryBot/AttributeDefinedStatically:
Enabled: false
RSpec/FactoryBot/CreateList:
Enabled: false
RSpec/FactoryBot/FactoryClassName:
Enabled: false
RSpec/HooksBeforeExamples:
Enabled: false
RSpec/ImplicitBlockExpectation:
Enabled: false
RSpec/ImplicitSubject:
Enabled: false
RSpec/LeakyConstantDeclaration:
Enabled: false
RSpec/LetBeforeExamples:
Enabled: false
RSpec/MissingExampleGroupArgument:
Enabled: false
RSpec/MultipleExpectations:
Enabled: false
RSpec/MultipleMemoizedHelpers:
Enabled: false
RSpec/MultipleSubjects:
Enabled: false
RSpec/NestedGroups:
Enabled: false
RSpec/PredicateMatcher:
Enabled: false
RSpec/ReceiveCounts:
Enabled: false
RSpec/ReceiveNever:
Enabled: false
RSpec/RepeatedExampleGroupBody:
Enabled: false
RSpec/RepeatedExampleGroupDescription:
Enabled: false
RSpec/RepeatedIncludeExample:
Enabled: false
RSpec/ReturnFromStub:
Enabled: false
RSpec/SharedExamples:
Enabled: false
RSpec/StubbedMock:
Enabled: false
RSpec/UnspecifiedException:
Enabled: false
RSpec/VariableDefinition:
Enabled: false
RSpec/VoidExpect:
Enabled: false
RSpec/Yield:
Enabled: false
Security/Open:
Enabled: false
Style/AccessModifierDeclarations:
Enabled: false
Style/AccessorGrouping:
Enabled: false
Style/AsciiComments:
Enabled: false
Style/BisectedAttrAccessor:
Enabled: false
Style/CaseLikeIf:
Enabled: false
Style/ClassEqualityComparison:
Enabled: false
Style/ColonMethodDefinition:
Enabled: false
Style/CombinableLoops:
Enabled: false
Style/CommentedKeyword:
Enabled: false
Style/Dir:
Enabled: false
Style/DoubleCopDisableDirective:
Enabled: false
Style/EmptyBlockParameter:
Enabled: false
Style/EmptyLambdaParameter:
Enabled: false
Style/Encoding:
Enabled: false
Style/EvalWithLocation:
Enabled: false
Style/ExpandPathArguments:
Enabled: false
Style/ExplicitBlockArgument:
Enabled: false
Style/ExponentialNotation:
Enabled: false
Style/FloatDivision:
Enabled: false
Style/FrozenStringLiteralComment:
Enabled: false
Style/GlobalStdStream:
Enabled: false
Style/HashAsLastArrayItem:
Enabled: false
Style/HashLikeCase:
Enabled: false
Style/HashTransformKeys:
Enabled: false
Style/HashTransformValues:
Enabled: false
Style/IfUnlessModifier:
Enabled: false
Style/KeywordParametersOrder:
Enabled: false
Style/MinMax:
Enabled: false
Style/MixinUsage:
Enabled: false
Style/MultilineWhenThen:
Enabled: false
Style/NegatedUnless:
Enabled: false
Style/NumericPredicate:
Enabled: false
Style/OptionalBooleanParameter:
Enabled: false
Style/OrAssignment:
Enabled: false
Style/RandomWithOffset:
Enabled: false
Style/RedundantAssignment:
Enabled: false
Style/RedundantCondition:
Enabled: false
Style/RedundantConditional:
Enabled: false
Style/RedundantFetchBlock:
Enabled: false
Style/RedundantFileExtensionInRequire:
Enabled: false
Style/RedundantRegexpCharacterClass:
Enabled: false
Style/RedundantRegexpEscape:
Enabled: false
Style/RedundantSelfAssignment:
Enabled: false
Style/RedundantSort:
Enabled: false
Style/RescueStandardError:
Enabled: false
Style/SingleArgumentDig:
Enabled: false
Style/SlicingWithRange:
Enabled: false
Style/SoleNestedConditional:
Enabled: false
Style/StderrPuts:
Enabled: false
Style/StringConcatenation:
Enabled: false
Style/Strip:
Enabled: false
Style/SymbolProc:
Enabled: false
Style/TrailingBodyOnClass:
Enabled: false
Style/TrailingBodyOnMethodDefinition:
Enabled: false
Style/TrailingBodyOnModule:
Enabled: false
Style/TrailingCommaInHashLiteral:
Enabled: false
Style/TrailingMethodEndStatement:
Enabled: false
Style/UnpackFirst:
Enabled: false
Lint/DuplicateBranch:
Enabled: false
Lint/DuplicateRegexpCharacterClassElement:
Enabled: false
Lint/EmptyBlock:
Enabled: false
Lint/EmptyClass:
Enabled: false
Lint/NoReturnInBeginEndBlocks:
Enabled: false
Lint/ToEnumArguments:
Enabled: false
Lint/UnexpectedBlockArity:
Enabled: false
Lint/UnmodifiedReduceAccumulator:
Enabled: false
Performance/CollectionLiteralInLoop:
Enabled: false
Style/ArgumentsForwarding:
Enabled: false
Style/CollectionCompact:
Enabled: false
Style/DocumentDynamicEvalDefinition:
Enabled: false
Style/NegatedIfElseCondition:
Enabled: false
Style/NilLambda:
Enabled: false
Style/RedundantArgument:
Enabled: false
Style/SwapValues:
Enabled: false

8
.sync.yml Normal file
View File

@ -0,0 +1,8 @@
# This file can be used to customize the files managed by PDK.
#
# See https://github.com/puppetlabs/pdk-templates/blob/main/README.md
# for more information.
#
# See https://github.com/puppetlabs/pdk-templates/blob/main/config_defaults.yml
# for the default values.
--- {}

45
.travis.yml
View File

@ -1,44 +1,45 @@
---
sudo: false
dist: trusty
os: linux
dist: xenial
language: ruby
cache: bundler
before_install:
- bundle -v
- rm -f Gemfile.lock
- gem update --system
- "# Update system gems if requested. This is useful to temporarily workaround troubles in the test runner"
- "# See https://github.com/puppetlabs/pdk-templates/commit/705154d5c437796b821691b707156e1b056d244f for an example of how this was used"
- "# Ignore exit code of SIGPIPE'd yes to not fail with shell's pipefail set"
- '[ -z "$RUBYGEMS_VERSION" ] || (yes || true) | gem update --system $RUBYGEMS_VERSION'
- gem --version
- bundle -v
script:
- 'bundle exec rake $CHECK'
bundler_args: --without system_tests
rvm:
- 2.4.4
env:
global:
- BEAKER_PUPPET_COLLECTION=puppet5 PUPPET_GEM_VERSION="~> 5.0"
matrix:
- 2.5.7
stages:
- static
- spec
- acceptance
-
if: tag =~ ^v\d
name: deploy
jobs:
fast_finish: true
include:
-
env: CHECK="syntax lint metadata_lint check:symlinks check:git_ignore check:dot_underscore check:test_file rubocop"
env: CHECK="validate lint check rubocop"
stage: static
-
env: CHECK=parallel_spec
env: PUPPET_GEM_VERSION="~> 6.0" CHECK=parallel_spec
rvm: 2.5.7
stage: spec
-
env: PUPPET_GEM_VERSION="~> 4.0" CHECK=parallel_spec
rvm: 2.1.9
env: DEPLOY_TO_FORGE=yes
stage: deploy
branches:
only:
- master
- main
- /^v\d/
notifications:
email: false
deploy:
provider: puppetforge
user: puppet
password:
secure: ""
on:
tags: true
all_branches: true
condition: "$DEPLOY_TO_FORGE = yes"

6
.vscode/extensions.json vendored Normal file
View File

@ -0,0 +1,6 @@
{
"recommendations": [
"puppet.puppet-vscode",
"rebornix.Ruby"
]
}

13
CHANGELOG.md
View File

@ -2,6 +2,19 @@
All notable changes to this project will be documented in this file.
## 0.4.2 (2021-05-11)
### Addition
- New parameters (bind_timelimit, timelimit, idle_timelimit, reconnect_sleeptime, reconnect_retrytime)
- New Hiera example files
### Changed
- Documentation reviewed and improved
- ldap_search_base parameter is now optional
- Module converted to the latest version of PDK (2.2.0)
## 0.4.1 (2019-03-11)
### [Related PR : https://github.com/geekix/puppet-nslcd/pull/18]

52
Gemfile
View File

@ -1,42 +1,36 @@
source ENV['GEM_SOURCE'] || 'https://rubygems.org'
def location_for(place_or_version, fake_version = nil)
if place_or_version =~ %r{\A(git[:@][^#]*)#(.*)}
[fake_version, { git: Regexp.last_match(1), branch: Regexp.last_match(2), require: false }].compact
elsif place_or_version =~ %r{\Afile:\/\/(.*)}
['>= 0', { path: File.expand_path(Regexp.last_match(1)), require: false }]
git_url_regex = %r{\A(?<url>(https?|git)[:@][^#]*)(#(?<branch>.*))?}
file_url_regex = %r{\Afile:\/\/(?<path>.*)}
if place_or_version && (git_url = place_or_version.match(git_url_regex))
[fake_version, { git: git_url[:url], branch: git_url[:branch], require: false }].compact
elsif place_or_version && (file_url = place_or_version.match(file_url_regex))
['>= 0', { path: File.expand_path(file_url[:path]), require: false }]
else
[place_or_version, { require: false }]
end
end
def gem_type(place_or_version)
if place_or_version =~ %r{\Agit[:@]}
:git
elsif !place_or_version.nil? && place_or_version.start_with?('file:')
:file
else
:gem
end
end
ruby_version_segments = Gem::Version.new(RUBY_VERSION.dup).segments
minor_version = ruby_version_segments[0..1].join('.')
group :development do
gem "fast_gettext", '1.1.0', require: false if Gem::Version.new(RUBY_VERSION.dup) < Gem::Version.new('2.1.0')
gem "fast_gettext", require: false if Gem::Version.new(RUBY_VERSION.dup) >= Gem::Version.new('2.1.0')
gem "json_pure", '<= 2.0.1', require: false if Gem::Version.new(RUBY_VERSION.dup) < Gem::Version.new('2.0.0')
gem "json", '= 1.8.1', require: false if Gem::Version.new(RUBY_VERSION.dup) == Gem::Version.new('2.1.9')
gem "json", '<= 2.0.4', require: false if Gem::Version.new(RUBY_VERSION.dup) == Gem::Version.new('2.4.4')
gem "puppet-module-posix-default-r#{minor_version}", require: false, platforms: [:ruby]
gem "puppet-module-posix-dev-r#{minor_version}", require: false, platforms: [:ruby]
gem "puppet-module-win-default-r#{minor_version}", require: false, platforms: [:mswin, :mingw, :x64_mingw]
gem "puppet-module-win-dev-r#{minor_version}", require: false, platforms: [:mswin, :mingw, :x64_mingw]
gem "json", '= 2.0.4', require: false if Gem::Requirement.create('~> 2.4.2').satisfied_by?(Gem::Version.new(RUBY_VERSION.dup))
gem "json", '= 2.1.0', require: false if Gem::Requirement.create(['>= 2.5.0', '< 2.7.0']).satisfied_by?(Gem::Version.new(RUBY_VERSION.dup))
gem "json", '= 2.3.0', require: false if Gem::Requirement.create(['>= 2.7.0', '< 2.8.0']).satisfied_by?(Gem::Version.new(RUBY_VERSION.dup))
gem "puppet-module-posix-default-r#{minor_version}", '~> 1.0', require: false, platforms: [:ruby]
gem "puppet-module-posix-dev-r#{minor_version}", '~> 1.0', require: false, platforms: [:ruby]
gem "puppet-module-win-default-r#{minor_version}", '~> 1.0', require: false, platforms: [:mswin, :mingw, :x64_mingw]
gem "puppet-module-win-dev-r#{minor_version}", '~> 1.0', require: false, platforms: [:mswin, :mingw, :x64_mingw]
end
group :system_tests do
gem "puppet-module-posix-system-r#{minor_version}", '~> 1.0', require: false, platforms: [:ruby]
gem "puppet-module-win-system-r#{minor_version}", '~> 1.0', require: false, platforms: [:mswin, :mingw, :x64_mingw]
end
puppet_version = ENV['PUPPET_GEM_VERSION']
puppet_type = gem_type(puppet_version)
facter_version = ENV['FACTER_GEM_VERSION']
hiera_version = ENV['HIERA_GEM_VERSION']
@ -50,16 +44,6 @@ gems['puppet'] = location_for(puppet_version)
gems['facter'] = location_for(facter_version) if facter_version
gems['hiera'] = location_for(hiera_version) if hiera_version
if Gem.win_platform? && puppet_version =~ %r{^(file:///|git://)}
# If we're using a Puppet gem on Windows which handles its own win32-xxx gem
# dependencies (>= 3.5.0), set the maximum versions (see PUP-6445).
gems['win32-dir'] = ['<= 0.4.9', require: false]
gems['win32-eventlog'] = ['<= 0.6.5', require: false]
gems['win32-process'] = ['<= 0.7.5', require: false]
gems['win32-security'] = ['<= 0.2.5', require: false]
gems['win32-service'] = ['0.8.8', require: false]
end
gems.each do |gem_name, gem_params|
gem gem_name, *gem_params
end

135
README.md
View File

@ -3,46 +3,40 @@
#### Table of Contents
1. [Overview](#overview)
2. [Module Description - What the module does and why it is useful](#module-description)
3. [Setup - The basics of getting started with nslcd](#setup)
* [What nslcd affects](#what-nslcd-affects)
4. [Usage - Configuration options and additional functionality](#usage)
5. [Reference - An under-the-hood peek at what the module is doing and how](#reference)
5. [Limitations - OS compatibility, etc.](#limitations)
6. [Development - Guide for contributing to the module](#development)
2. [Dependencies](#dependencies)
3. [Usage](#usage)
4. [What the module affects](#what-the-module-affects)
5. [Parameters](#parameters)
6. [Extend the configuration](#extend-the-configuration)
7. [Limitations](#limitations)
8. [Development](#development)
## Overview
This module installs and configured nslcd to get pam/nss data from ldap.
This module installs and configured a local NSLCD daemon.
NSLCD is used to provide LDAP authentication through PAM/NSS.
## Module Description
## Dependencies
This module allows you to install and configure the nslcd daemon (and its dependencies), to provide ldap support for
PAM and NSS.
## Setup
### What nslcd affects
* `nslcd` package and service
* `/etc/nslcd.conf`
[Stdlib - https://forge.puppet.com/modules/puppetlabs/stdlib](https://forge.puppet.com/modules/puppetlabs/stdlib)
## Usage
Simply include/contain/required/declare the nslcd class.
It includes a few sane defaults, so it should work out of the box.
However, we recommend that you declare the class and override a few parameters:
The module includes a few sane defaults, so it should work out of the box.
Just fill in these parameters :
* In the module
* Example
```
class { 'nslcd':
ldap_uris => ['ldap://ldap01.mycompany.com:389','ldap://ldap02.mycompany.com:389'],
ldap_search_base => 'dc=company,dc=com'
class
{
'nslcd':
ldap_uris => ['ldap://ldap01.mycompany.com:389','ldap://ldap02.mycompany.com:389'],
ldap_search_base => 'dc=company,dc=com'
}
```
* In hieradata
* The same in Hiera
```
nslcd::ldap_uris:
@ -51,20 +45,91 @@ nslcd::ldap_uris:
nslcd::ldap_search_base: 'dc=company,dc=com'
```
## Reference
* Will give this in the config file
*todo*
```
uri ldap://ldap01.company.com:389 ldap://ldap02.company.com:389
base dc=company,dc=com
```
## What the module affects
* `nslcd` package and service
* `/etc/nslcd.conf`
## Parameters
Parameter | Parameter type | Default value | Description
--------- | ---------- | ------------- | -----------
package_ensure | Variant[Boolean,String] | present | Sets if the package should be present or absent.
package_name | String | Depends on the Linux distrib | Name of the package to install. Set if your platform is not supported.
package_manage | Boolean | true | Sets if the module should manage or not the package installation.
service_ensure | Variant[Boolean,Enum['stopped','running']] | running | Sets if the service should be running or stopped.
service_enable | Boolean | true | Sets if the service should be started on system boot.
service_name | String | nslcd | Sets the name of the service. Set if your platform is not supported.
service_manage | Boolean | true | Sets if the module should manage or not the service.
uid | String | nslcd | Sets the user to start the daemon.
gid | String | Depends on the Linux distrib | Sets the group to start the daemon.
config | Stdlib::Unixpath | /etc/nslcd.conf | Sets the path of the config file.
config_user | String | root | Sets the owner of the config file.
config_group | String | Depends on the Linux distrib | Sets the group of the config file.
config_mode | Stdlib::Filemode | Depends on the Linux distrib | Permission of the config file.
ldap_uris | Array[String] | ldap:/// | Array of LDAP servers.
ldap_version | Enum['2','3'] | 3 | Sets the LDAP version to use.
ldap_binddn | String | undef | Sets the DN (distinguished name) to bind to the LDAP servers.
ldap_bindpw | String | undef | Sets the password to bind to the LDAP servers. Only used if the parameter ldap_binddn is set.
ldap_search_base | String | undef | Sets the base DN (distinguished name) to use as the search base.
ldap_group_base | String | undef | Sets the base DN (distinguished name) to use as the group search base.
ldap_search_scope | Enum['sub','subtree','one','onelevel','base'] | subtree | Sets the search scope depth.
config_options | Hash | {} | Key/Value hash to extend the configuration.
ldap_filters | Hash | {} | Sets the LDAP search filter for specific mapping.
ldap_maps | Hash | {} | Allows for custom attributes to be looked up.
ldap_ssl | Enum['on','off','start_tls'] | off | Whether to use SSL/TLS for the connexion to the LDAP servers.
ldap_tls_reqcert | Enum['never','allow','try','demand','hard'] | allow | Sets what checks to perform on a server-supplied certificate.
ldap_tls_cacertfile | String | undef | Sets the path of the PEM-format file containing certificates for the CA's that will be trusted.
bind_timelimit | Integer | undef | Sets the time limit (in seconds) to setup a connexion with the LDAP server.
timelimit | Integer | undef | Sets the time limit (in seconds) to wait for a response from the LDAP server.
idle_timelimit | Integer | undef | Sets the period if inactivity (in seconds) after which the connection to the LDAP server will be closed.
reconnect_sleeptime | Integer | 1 | Sets the number of seconds to sleep when connecting to all LDAP servers fails.
reconnect_retrytime | Integer | 10 | Sets the time after which the LDAP server is considered to be permanently unavailable. Once this time is reached retries will be done only once per this time period.
## Extend the configuration
The module exposes the most commonly used paramaters. However, to extend the configuration use the **config_options** parameter.
It allows you to set any parameter not listed above.
* Example configuration
```
class
{
'nslcd':
config_options:
threads: '10'
}
```
* The same config in Hiera
```
nslcd::config_options:
threads: '10'
```
* Will give this in the config file
```
threads 10
```
## Limitations
The module has been tested with Ubuntu 14.04, Ubuntu 16.04, Ubuntu 18.04, Debian 8, Debian 9 and Puppet 4.10.
It should work with Puppet 4.x.
The module has been tested with :
For additional OS support, you should contribute it back upstream!
The module doesn't support setting the `rootbinddn` and `rootbindpw` attributes yet, it will be added in a next version.
* Ubuntu 14.04 / 16.04 / 18.04 / 20.04
* Debian 8 / 9 / 10 / 11
* Puppet 4 / 5 / 6
## Development
If you want to improve this module, send us a patch of pull request!
If you want to improve this module, send us a pull request !

34
Rakefile
View File

@ -1,7 +1,12 @@
# frozen_string_literal: true
require 'bundler'
require 'puppet_litmus/rake_tasks' if Bundler.rubygems.find_name('puppet_litmus').any?
require 'puppetlabs_spec_helper/rake_tasks'
require 'puppet-syntax/tasks/puppet-syntax'
require 'puppet_blacksmith/rake_tasks' if Bundler.rubygems.find_name('puppet-blacksmith').any?
require 'github_changelog_generator/task' if Bundler.rubygems.find_name('github_changelog_generator').any?
require 'puppet-strings/tasks' if Bundler.rubygems.find_name('puppet-strings').any?
def changelog_user
return unless Rake.application.top_level_tasks.include? "changelog"
@ -13,15 +18,24 @@ end
def changelog_project
return unless Rake.application.top_level_tasks.include? "changelog"
returnVal = nil || JSON.load(File.read('metadata.json'))['name']
raise "unable to find the changelog_project in .sync.yml or the name in metadata.json" if returnVal.nil?
returnVal = nil
returnVal ||= begin
metadata_source = JSON.load(File.read('metadata.json'))['source']
metadata_source_match = metadata_source && metadata_source.match(%r{.*\/([^\/]*?)(?:\.git)?\Z})
metadata_source_match && metadata_source_match[1]
end
raise "unable to find the changelog_project in .sync.yml or calculate it from the source in metadata.json" if returnVal.nil?
puts "GitHubChangelogGenerator project:#{returnVal}"
returnVal
end
def changelog_future_release
return unless Rake.application.top_level_tasks.include? "changelog"
returnVal = JSON.load(File.read('metadata.json'))['version']
returnVal = "v%s" % JSON.load(File.read('metadata.json'))['version']
raise "unable to find the future_release (version) in metadata.json" if returnVal.nil?
puts "GitHubChangelogGenerator future_release:#{returnVal}"
returnVal
@ -29,6 +43,7 @@ end
PuppetLint.configuration.send('disable_relative')
if Bundler.rubygems.find_name('github_changelog_generator').any?
GitHubChangelogGenerator::RakeTask.new :changelog do |config|
raise "Set CHANGELOG_GITHUB_TOKEN environment variable eg 'export CHANGELOG_GITHUB_TOKEN=valid_token_here'" if Rake.application.top_level_tasks.include? "changelog" and ENV['CHANGELOG_GITHUB_TOKEN'].nil?
@ -39,7 +54,7 @@ if Bundler.rubygems.find_name('github_changelog_generator').any?
config.header = "# Change log\n\nAll notable changes to this project will be documented in this file. The format is based on [Keep a Changelog](http://keepachangelog.com/en/1.0.0/) and this project adheres to [Semantic Versioning](http://semver.org)."
config.add_pr_wo_labels = true
config.issues = false
config.merge_prefix = "### UNCATEGORIZED PRS; GO LABEL THEM"
config.merge_prefix = "### UNCATEGORIZED PRS; LABEL THEM ON GITHUB"
config.configure_sections = {
"Changed" => {
"prefix" => "### Changed",
@ -47,11 +62,11 @@ if Bundler.rubygems.find_name('github_changelog_generator').any?
},
"Added" => {
"prefix" => "### Added",
"labels" => ["feature", "enhancement"],
"labels" => ["enhancement", "feature"],
},
"Fixed" => {
"prefix" => "### Fixed",
"labels" => ["bugfix"],
"labels" => ["bug", "documentation", "bugfix"],
},
}
end
@ -59,16 +74,15 @@ else
desc 'Generate a Changelog from GitHub'
task :changelog do
raise <<EOM
The changelog tasks depends on unreleased features of the github_changelog_generator gem.
The changelog tasks depends on recent features of the github_changelog_generator gem.
Please manually add it to your .sync.yml for now, and run `pdk update`:
---
Gemfile:
optional:
':development':
- gem: 'github_changelog_generator'
git: 'https://github.com/skywinder/github-changelog-generator'
ref: '20ee04ba1234e9e83eb2ffb5056e23d641c7a018'
condition: "Gem::Version.new(RUBY_VERSION.dup) >= Gem::Version.new('2.2.2')"
version: '~> 1.15'
condition: "Gem::Version.new(RUBY_VERSION.dup) >= Gem::Version.new('2.3.0')"
EOM
end
end

25
appveyor.yml
View File

@ -1,5 +1,10 @@
---
version: 1.1.x.{build}
skip_branch_with_pr: true
branches:
only:
- main
- release
skip_commits:
message: /^\(?doc\)?.*/
clone_depth: 10
@ -12,23 +17,15 @@ init:
environment:
matrix:
-
RUBY_VERSION: 24-x64
CHECK: syntax lint metadata_lint check:symlinks check:git_ignore check:dot_underscore check:test_file rubocop
RUBY_VERSION: 25-x64
CHECK: validate lint check rubocop
-
PUPPET_GEM_VERSION: ~> 4.0
RUBY_VERSION: 21
PUPPET_GEM_VERSION: ~> 6.0
RUBY_VERSION: 25
CHECK: parallel_spec
-
PUPPET_GEM_VERSION: ~> 4.0
RUBY_VERSION: 21-x64
CHECK: parallel_spec
-
PUPPET_GEM_VERSION: ~> 5.0
RUBY_VERSION: 24
CHECK: parallel_spec
-
PUPPET_GEM_VERSION: ~> 5.0
RUBY_VERSION: 24-x64
PUPPET_GEM_VERSION: ~> 6.0
RUBY_VERSION: 25-x64
CHECK: parallel_spec
matrix:
fast_finish: true

28
data/Debian.yaml Normal file
View File

@ -0,0 +1,28 @@
---
nslcd::package_ensure: 'present'
nslcd::package_name: 'nslcd'
nslcd::package_manage: true
nslcd::service_ensure: 'running'
nslcd::service_enable: true
nslcd::service_name: 'nslcd'
nslcd::service_manage: true
nslcd::uid: 'nslcd'
nslcd::gid: 'nslcd'
nslcd::config: '/etc/nslcd.conf'
nslcd::config_user: 'root'
nslcd::config_group: 'nslcd'
nslcd::config_mode: '0640'
nslcd::ldap_uris:
- 'ldap://ldap01.company.com:389'
- 'ldap://ldap01.company.com:389'
nslcd::ldap_version: '3'
nslcd::ldap_binddn: 'cn=bind_user,ou=user,dc=company,dc=com'
nslcd::ldap_bindpw: 'secure_bind_user_password'
nslcd::ldap_search_base: 'dc=company,dc=com'
nslcd::ldap_group_base: 'ou=groups,dc=company,dc=com'
nslcd::ldap_search_scope: 'subtree'
nslcd::ldap_ssl: 'off'
nslcd::ldap_tls_reqcert: 'allow'
nslcd::reconnect_sleeptime: 1
nslcd::reconnect_retrytime: 10

28
data/RedHat.yaml Normal file
View File

@ -0,0 +1,28 @@
---
nslcd::package_ensure: 'present'
nslcd::package_name: 'nss-pam-ldapd'
nslcd::package_manage: true
nslcd::service_ensure: 'running'
nslcd::service_enable: true
nslcd::service_name: 'nslcd'
nslcd::service_manage: true
nslcd::uid: 'nslcd'
nslcd::gid: 'ldap'
nslcd::config: '/etc/nslcd.conf'
nslcd::config_user: 'root'
nslcd::config_group: 'root'
nslcd::config_mode: '0600'
nslcd::ldap_uris:
- 'ldap://ldap01.company.com:389'
- 'ldap://ldap01.company.com:389'
nslcd::ldap_version: '3'
nslcd::ldap_binddn: 'cn=bind_user,ou=user,dc=company,dc=com'
nslcd::ldap_bindpw: 'secure_bind_user_password'
nslcd::ldap_search_base: 'dc=company,dc=com'
nslcd::ldap_group_base: 'ou=groups,dc=company,dc=com'
nslcd::ldap_search_scope: 'subtree'
nslcd::ldap_ssl: 'off'
nslcd::ldap_tls_reqcert: 'allow'
nslcd::reconnect_sleeptime: 1
nslcd::reconnect_retrytime: 10

6
data/common.yaml Normal file
View File

@ -0,0 +1,6 @@
---
nslcd::ldap_uris:
- 'ldap://ldap01.company.com:389'
- 'ldap://ldap01.company.com:389'
nslcd::ldap_search_base: 'dc=company,dc=com'

12
examples/init.pp
View File

@ -1,12 +0,0 @@
# The baseline for module testing used by Puppet Labs is that each manifest
# should have a corresponding test manifest that declares that class or defined
# type.
#
# Tests are then run by using puppet apply --noop (to check for compilation
# errors and view a log of events) or by fully applying the test in a virtual
# environment (to compare the resulting system state to the desired state).
#
# Learn more about module testing here:
# http://docs.puppetlabs.com/guides/tests_smoke.html
#
include nslcd

21
hiera.yaml Normal file
View File

@ -0,0 +1,21 @@
---
version: 5
defaults: # Used for any hierarchy level that omits these keys.
datadir: data # This path is relative to hiera.yaml's directory.
data_hash: yaml_data # Use the built-in YAML backend.
hierarchy:
- name: "osfamily/major release"
paths:
# Used to distinguish between Debian and Ubuntu
- "os/%{facts.os.name}/%{facts.os.release.major}.yaml"
- "os/%{facts.os.family}/%{facts.os.release.major}.yaml"
# Used for Solaris
- "os/%{facts.os.family}/%{facts.kernelrelease}.yaml"
- name: "osfamily"
paths:
- "os/%{facts.os.name}.yaml"
- "os/%{facts.os.family}.yaml"
- name: 'common'
path: 'common.yaml'

22
manifests/config.pp
View File

@ -1,14 +1,16 @@
# == Class: nslcd::config
#
# Manages the nslcd server configuration file
class nslcd::config inherits nslcd {
file { $nslcd::config:
ensure => file,
owner => $nslcd::config_user,
group => $nslcd::config_group,
mode => $nslcd::config_mode,
content => template('nslcd/nslcd.erb'),
#
class nslcd::config inherits nslcd
{
file
{
$nslcd::config:
ensure => file,
owner => $nslcd::config_user,
group => $nslcd::config_group,
mode => $nslcd::config_mode,
content => template('nslcd/nslcd.erb'),
}
}
}

117
manifests/init.pp
View File

@ -1,7 +1,105 @@
# == Class: nslcd
#
# This class manages the nslcd server and service.
class nslcd (
#
# @param package_ensure
# Sets if the package should be present or absent.
#
# @param package_name
# Name of the package to install. Depends on the Linux distrib.
# Set if your platform is not supported.
#
# @param package_manage
# Sets if the module should manage or not the package installation.
#
# @param service_ensure
# Sets if the service should be running or stopped.
#
# @param service_enable
# Sets if the service should be started on startup.
#
# @param service_name
# Sets the name of the service.
# Set if your platform is not supported.
#
# @param service_manage
# Sets if the module should manage or not the service.
#
# @param uid
# Sets the user to start the daemon.
#
# @param gid
# Sets the group to start the daemon. Depends on the Linux distrib.
#
# @param config
# Sets the path of the config file.
#
# @param config_user
# Sets the owner of the config file.
#
# @param config_group
# Sets the group of the config file. Depends on the Linux distrib.
#
# @param config_mode
# Permission of the config file. Depends on the Linux distrib.
#
# @param ldap_uris
# Array of LDAP servers.
#
# @param ldap_version
# Sets the LDAP version to use.
#
# @param ldap_binddn
# Sets the DN (distinguished name) to bind to the LDAP servers.
#
# @param ldap_bindpw
# Sets the password to bind to the LDAP servers. Only used if the parameter ldap_binddn is set.
#
# @param ldap_search_base
# Sets the base DN (distinguished name) to use as the search base.
#
# @param ldap_group_base
# Sets the base DN (distinguished name) to use as the group search base.
#
# @param ldap_search_scope
# Sets the search scope depth.
#
# @param config_options
# Key/Value hash to extend initial configuration.
#
# @param ldap_filters
# Sets the LDAP search filter for specific mapping.
#
# @param ldap_maps
# Allows for custom attributes to be looked up.
#
# @param ldap_ssl
# Whether to use SSL/TLS for the connexion to the LDAP servers.
#
# @param ldap_tls_reqcert
# Sets what checks to perform on a server-supplied certificate.
#
# @param ldap_tls_cacertfile
# Sets the path of the PEM-format file containing certificates for the CA's that will be trusted.
#
# @param bind_timelimit
# Sets the time limit (in seconds) to setup a connexion with the LDAP server.
#
# @param timelimit
# Sets the time limit (in seconds) to wait for a response from the LDAP server.
#
# @param idle_timelimit
# Sets the period if inactivity (in seconds) after which the connection to the LDAP server will be closed.
#
# @param reconnect_sleeptime
# Sets the number of seconds to sleep when connecting to all LDAP servers fails.
#
# @param reconnect_retrytime
# Sets the time after which the LDAP server is considered to be permanently unavailable.
# Once this time is reached retries will be done only once per this time period.
#
class nslcd
(
Variant[Boolean,String[1]] $package_ensure = 'present',
String[1] $package_name = $nslcd::params::package_name,
Boolean $package_manage = true,
@ -26,16 +124,21 @@ class nslcd (
Hash $ldap_filters = {},
Hash $ldap_maps = {},
Enum['on','off','start_tls'] $ldap_ssl = 'off',
Enum['never','allow','try','demand','hard' ] $ldap_tls_reqcert = 'allow',
Enum['never','allow','try','demand','hard'] $ldap_tls_reqcert = 'allow',
Optional[String[1]] $ldap_tls_cacertfile = undef,
) inherits nslcd::params {
Optional[Integer] $bind_timelimit = undef,
Integer $timelimit = 10,
Optional[Integer] $idle_timelimit = undef,
Integer $reconnect_sleeptime = 1,
Integer $reconnect_retrytime = 10,
)
inherits nslcd::params
{
contain nslcd::install
contain nslcd::config
contain nslcd::service
Class['nslcd::install']
-> Class['nslcd::config']
~> Class['nslcd::service']
}
}

17
manifests/install.pp
View File

@ -1,12 +1,15 @@
# == Class: nslcd::install
#
# Installs the nslcd package.
class nslcd::install inherits nslcd {
if $nslcd::package_manage {
package { $nslcd::package_name:
ensure => $nslcd::package_ensure,
#
class nslcd::install inherits nslcd
{
if $nslcd::package_manage
{
package
{
$nslcd::package_name:
ensure => $nslcd::package_ensure,
}
}
}
}

20
manifests/params.pp
View File

@ -1,24 +1,28 @@
# == Class: nslcd::params
#
# Sets the default parameters for the nslcd class.
class nslcd::params {
case $::osfamily {
'Debian': {
#
class nslcd::params
{
case $::osfamily
{
'Debian':
{
$package_name = 'nslcd'
$gid = 'nslcd'
$config_group = 'nslcd'
$config_mode = '0640'
}
'RedHat': {
'RedHat':
{
$package_name = 'nss-pam-ldapd'
$gid = 'ldap'
$config_group = 'root'
$config_mode = '0600'
}
default: {
default:
{
fail("The ${module_name} module is not supported on an ${::osfamily} based system.")
}
}
}
}

21
manifests/service.pp
View File

@ -1,14 +1,17 @@
# == Class: nslcd::service
#
# Manages the nslcd service.
class nslcd::service inherits nslcd {
if $nslcd::service_manage {
service { 'nslcd':
ensure => $nslcd::service_ensure,
enable => $nslcd::service_enable,
name => $nslcd::service_name,
#
class nslcd::service inherits nslcd
{
if $nslcd::service_manage
{
service
{
'nslcd':
ensure => $nslcd::service_ensure,
enable => $nslcd::service_enable,
name => $nslcd::service_name,
}
}
}
}

20
metadata.json
View File

@ -1,6 +1,6 @@
{
"name": "geekix-nslcd",
"version": "0.4.1",
"version": "0.4.2",
"author": "geekix",
"summary": "Installs and configures nslcd.",
"license": "Apache-2.0",
@ -10,7 +10,7 @@
"dependencies": [
{
"name": "puppetlabs-stdlib",
"version_requirement": ">= 4.0.0 < 7.0.0"
"version_requirement": ">= 4.0.0 < 8.1.0"
}
],
"operatingsystem_support": [
@ -18,7 +18,9 @@
"operatingsystem": "Debian",
"operatingsystemrelease": [
"8",
"9"
"9",
"10",
"11"
]
},
{
@ -26,7 +28,8 @@
"operatingsystemrelease": [
"14.04",
"16.04",
"18.04"
"18.04",
"20.04"
]
}
],
@ -40,9 +43,10 @@
"nslcd",
"pam",
"nss",
"ldap"
"ldap",
"authentication"
],
"pdk-version": "1.7.0",
"template-url": "file:///opt/puppetlabs/pdk/share/cache/pdk-templates.git",
"template-ref": "1.7.0-0-g57412ed"
"pdk-version": "2.2.0",
"template-url": "https://github.com/puppetlabs/pdk-templates#main",
"template-ref": "tags/2.3.0-0-g8aaceff"
}

12
spec/acceptance/nodesets/ubuntu-12.04-x86_64-docker.yml
View File

@ -1,12 +0,0 @@
HOSTS:
ubuntu-1204-x64:
default_apply_opts:
strict_variables:
platform: ubuntu-12.04-amd64
hypervisor : docker
image: ubuntu:12.04
# This stops the image from being deleted on completion, speeding up the process.
docker_preserve_image: true
CONFIG:
type: foss
log_level: debug

10
spec/acceptance/nodesets/ubuntu-12.04-x86_64-vagrant.yml
View File

@ -1,10 +0,0 @@
HOSTS:
ubuntu-1204-x64:
default_apply_opts:
strict_variables:
platform: ubuntu-12.04-amd64
hypervisor : vagrant
box : puppetlabs/ubuntu-12.04-64-nocm
CONFIG:
type: foss
log_level: debug

12
spec/acceptance/nodesets/ubuntu-14.04-x86_64-docker.yml
View File

@ -1,12 +0,0 @@
HOSTS:
ubuntu-1404-x64:
default_apply_opts:
strict_variables:
platform: ubuntu-14.04-amd64
hypervisor : docker
image: ubuntu:14.04
# This stops the image from being deleted on completion, speeding up the process.
docker_preserve_image: true
CONFIG:
type: foss
log_level: debug

10
spec/acceptance/nodesets/ubuntu-14.04-x86_64-vagrant.yml
View File

@ -1,10 +0,0 @@
HOSTS:
ubuntu-1404-x64:
default_apply_opts:
strict_variables:
platform: ubuntu-14.04-amd64
hypervisor : vagrant
box : puppetlabs/ubuntu-14.04-64-nocm
CONFIG:
type: foss
log_level: debug

37
spec/classes/init_spec.rb
View File

@ -1,37 +0,0 @@
require 'spec_helper'
describe 'nslcd' do
{ 'Ubuntu' => 'Debian', 'Debian' => 'Debian', 'CentOS' => 'RedHat', 'RedHat' => 'RedHat' }.each do |system, family|
context "when on system #{system}" do
facts = {
osfamily: family,
operatingsystem: system,
}
let :facts do
facts
end
it { is_expected.to contain_class('nslcd') }
it { is_expected.to contain_class('nslcd::install') }
it { is_expected.to contain_class('nslcd::config') }
it { is_expected.to contain_class('nslcd::service') }
case facts[:osfamily]
when 'Debian'
it {
is_expected.to contain_package('nslcd')
is_expected.to contain_service('nslcd')
}
when 'RedHat'
it {
is_expected.to contain_package('nss-pam-ldapd')
is_expected.to contain_service('nslcd')
}
end
end
end
context 'when on an unknown system' do
it { is_expected.to raise_error(Puppet::Error) }
end
end

2
spec/default_facts.yml
View File

@ -2,7 +2,7 @@
#
# Facts specified here will override the values provided by rspec-puppet-facts.
---
concat_basedir: "/tmp"
ipaddress: "172.16.254.254"
ipaddress6: "FE80:0000:0000:0000:AAAA:AAAA:AAAA"
is_pe: false
macaddress: "AA:AA:AA:AA:AA:AA"

55
spec/spec_helper.rb
View File

@ -1,11 +1,13 @@
# frozen_string_literal: true
RSpec.configure do |c|
c.mock_with :rspec
end
require 'puppetlabs_spec_helper/module_spec_helper'
require 'rspec-puppet-facts'
begin
require 'spec_helper_local' if File.file?(File.join(File.dirname(__FILE__), 'spec_helper_local.rb'))
rescue LoadError => loaderror
warn "Could not require spec_helper_local: #{loaderror.message}"
end
require 'spec_helper_local' if File.file?(File.join(File.dirname(__FILE__), 'spec_helper_local.rb'))
include RspecPuppetFacts
@ -14,15 +16,24 @@ default_facts = {
facterversion: Facter.version,
}
default_facts_path = File.expand_path(File.join(File.dirname(__FILE__), 'default_facts.yml'))
default_module_facts_path = File.expand_path(File.join(File.dirname(__FILE__), 'default_module_facts.yml'))
default_fact_files = [
File.expand_path(File.join(File.dirname(__FILE__), 'default_facts.yml')),
File.expand_path(File.join(File.dirname(__FILE__), 'default_module_facts.yml')),
]
if File.exist?(default_facts_path) && File.readable?(default_facts_path)
default_facts.merge!(YAML.safe_load(File.read(default_facts_path)))
default_fact_files.each do |f|
next unless File.exist?(f) && File.readable?(f) && File.size?(f)
begin
default_facts.merge!(YAML.safe_load(File.read(f), [], [], true))
rescue => e
RSpec.configuration.reporter.message "WARNING: Unable to load #{f}: #{e}"
end
end
if File.exist?(default_module_facts_path) && File.readable?(default_module_facts_path)
default_facts.merge!(YAML.safe_load(File.read(default_module_facts_path)))
# read default_facts and merge them over what is provided by facterdb
default_facts.each do |fact, value|
add_custom_fact fact, value
end
RSpec.configure do |c|
@ -31,13 +42,31 @@ RSpec.configure do |c|
# set to strictest setting for testing
# by default Puppet runs at warning level
Puppet.settings[:strict] = :warning
Puppet.settings[:strict_variables] = true
end
c.filter_run_excluding(bolt: true) unless ENV['GEM_BOLT']
c.after(:suite) do
end
# Filter backtrace noise
backtrace_exclusion_patterns = [
%r{spec_helper},
%r{gems},
]
if c.respond_to?(:backtrace_exclusion_patterns)
c.backtrace_exclusion_patterns = backtrace_exclusion_patterns
elsif c.respond_to?(:backtrace_clean_patterns)
c.backtrace_clean_patterns = backtrace_exclusion_patterns
end
end
# Ensures that a module is defined
# @param module_name Name of the module
def ensure_module_defined(module_name)
module_name.split('::').reduce(Object) do |last_module, next_module|
last_module.const_set(next_module, Module.new) unless last_module.const_defined?(next_module)
last_module.const_get(next_module)
last_module.const_set(next_module, Module.new) unless last_module.const_defined?(next_module, false)
last_module.const_get(next_module, false)
end
end

40
templates/nslcd.erb
View File

@ -12,15 +12,18 @@ uri <%= @ldap_uris.sort.join(' ') %>
# The LDAP protocol version to use.
ldap_version <%= @ldap_version %>
<% if @ldap_search_base -%>
# The search base that will be used for all queries.
base <%= @ldap_search_base %>
<% if @ldap_group_base -%>
base group <%= @ldap_group_base -%>
<% end -%>
<% if @ldap_group_base -%>
# The group search base that will be used for all queries.
base group <%= @ldap_group_base %>
<% end -%>
<% if @ldap_binddn and @ldap_bindpw -%>
# The DN to bind with for normal lookups.
# The DN to bind with the LDAP server.
binddn <%= @ldap_binddn %>
bindpw <%= @ldap_bindpw %>
<% end -%>
@ -35,14 +38,6 @@ tls_cacertfile <%= @ldap_tls_cacertfile %>
# The search scope.
scope <%= @ldap_search_scope %>
<% @config_options.sort.each do |k,v| -%>
<% Array(v).each do |av| -%>
<% if ![nil, '', :undef].include?(av) -%>
<%= %Q(#{k} #{av}) %>
<% end -%>
<% end -%>
<% end -%>
<% if @ldap_filters.length > 0 -%>
# Custom search filters
<% @ldap_filters.sort.each do |map, filter| -%>
@ -58,3 +53,26 @@ map <%= map %> <%= attribute %> <%= newattribute %>
<% end -%>
<% end -%>
<% end -%>
# Timeouts
<% if @bind_timelimit -%>
bind_timelimit <%= @bind_timelimit %>
<% end -%>
timelimit <%= @timelimit %>
<% if @idle_timelimit -%>
idle_timelimit <%= @idle_timelimit %>
<% end -%>
reconnect_sleeptime <%= @reconnect_sleeptime %>
reconnect_retrytime <%= @reconnect_retrytime %>
<% if @config_options.length > 0 -%>
# Extended configuration
<% @config_options.sort.each do |k,v| -%>
<% Array(v).each do |av| -%>
<% if ![nil, '', :undef].include?(av) -%>
<%= %Q(#{k} #{av}) %>
<% end -%>
<% end -%>
<% end -%>
<% end -%>