modulesync 10.6.0

.devcontainer/devcontainer.json

@@ -1,4 +1,3 @@
-// For format details, see https://aka.ms/devcontainer.json. For config options, see the
 {
 	"name": "VoxBox",
 	"image": "ghcr.io/voxpupuli/voxbox:latest"

.msync.yml

@@ -2,4 +2,4 @@
 # Managed by modulesync - DO NOT EDIT
 # https://voxpupuli.org/docs/updating-files-managed-with-modulesync/
 
-modulesync_config_version: '10.5.0'
+modulesync_config_version: '10.6.0'

.rubocop.yml

@@ -1,4 +1,6 @@
 ---
+inherit_from: .rubocop_todo.yml
+
 # Managed by modulesync - DO NOT EDIT
 # https://voxpupuli.org/docs/updating-files-managed-with-modulesync/
 

.rubocop_todo.yml

@@ -0,0 +1,29 @@
+# This configuration was generated by
+# `rubocop --auto-gen-config --no-auto-gen-timestamp`
+# using RuboCop version 1.85.1.
+# The point is for the user to remove these configuration records
+# one by one as the offenses are removed from the code base.
+# Note that changes in the inspected code, or installation of new
+# versions of RuboCop, may require this file to be generated again.
+
+# Offense count: 1
+# This cop supports unsafe autocorrection (--autocorrect-all).
+RSpec/Output:
+  Exclude:
+    - 'spec/support/acceptance/utils.rb'
+
+# Offense count: 1
+# This cop supports unsafe autocorrection (--autocorrect-all).
+# Configuration parameters: AllowedReceivers.
+# AllowedReceivers: Thread.current
+Style/HashEachMethods:
+  Exclude:
+    - 'lib/puppet/type/openldap_database.rb'
+
+# Offense count: 3
+# This cop supports unsafe autocorrection (--autocorrect-all).
+Style/MapIntoArray:
+  Exclude:
+    - 'lib/puppet/provider/openldap_access/olc.rb'
+    - 'lib/puppet/provider/openldap_global_conf/olc.rb'
+    - 'lib/puppet/type/openldap_access.rb'

Gemfile

@@ -4,7 +4,7 @@
 source ENV['GEM_SOURCE'] || 'https://rubygems.org'
 
 group :test do
-  gem 'voxpupuli-test', '~> 13.0',  :require => false
+  gem 'voxpupuli-test', '~> 14.0',  :require => false
   gem 'puppet_metadata', '~> 6.0',  :require => false
 end
 
@@ -18,7 +18,7 @@ group :system_tests do
 end
 
 group :release do
-  gem 'voxpupuli-release', '~> 5.0',  :require => false
+  gem 'voxpupuli-release', '~> 5.3',  :require => false
 end
 
 gem 'rake', :require => false

REFERENCE.md

@@ -111,12 +111,16 @@ Data type: `String[1]`
 
 
 
+Default value: `'openldap'`
+
 ##### <a name="-openldap--client--file"></a>`file`
 
 Data type: `Stdlib::Absolutepath`
 
 
 
+Default value: `'/etc/openldap/ldap.conf'`
+
 ##### <a name="-openldap--client--package_version"></a>`package_version`
 
 Data type: `String[1]`
@@ -536,48 +540,64 @@ Data type: `String[1]`
 
 
 
+Default value: `'/etc/openldap/slapd.d'`
+
 ##### <a name="-openldap--server--conffile"></a>`conffile`
 
 Data type: `String[1]`
 
 
 
+Default value: `'/etc/openldap/slapd.conf'`
+
 ##### <a name="-openldap--server--service"></a>`service`
 
 Data type: `String[1]`
 
 
 
+Default value: `'slapd'`
+
 ##### <a name="-openldap--server--owner"></a>`owner`
 
 Data type: `String[1]`
 
 
 
+Default value: `'ldap'`
+
 ##### <a name="-openldap--server--group"></a>`group`
 
 Data type: `String[1]`
 
 
 
+Default value: `'ldap'`
+
 ##### <a name="-openldap--server--escape_ldapi_ifs"></a>`escape_ldapi_ifs`
 
 Data type: `Boolean`
 
 
 
+Default value: `false`
+
 ##### <a name="-openldap--server--ldapi_ifs"></a>`ldapi_ifs`
 
 Data type: `Array[String[1]]`
 
 
 
+Default value: `['/']`
+
 ##### <a name="-openldap--server--default_directory"></a>`default_directory`
 
 Data type: `Stdlib::Absolutepath`
 
 
 
+Default value: `'/var/lib/ldap'`
+
 ##### <a name="-openldap--server--manage_epel"></a>`manage_epel`
 
 Data type: `Boolean`

lib/puppet/functions/openldap_password.rb

@@ -46,7 +46,7 @@ def generate_password(secret, scheme = 'SSHA', iterations = 60_000, hash_type =
 
       digest_map = {
         'SHA256' => { name: 'SHA256', length: 32, obj: OpenSSL::Digest.new('SHA256') },
-        'SHA512' => { name: 'SHA512', length: 64, obj: OpenSSL::Digest.new('SHA512') }
+        'SHA512' => { name: 'SHA512', length: 64, obj: OpenSSL::Digest.new('SHA512') },
       }
 
       config = digest_map[hash_type]
@@ -56,7 +56,7 @@ def generate_password(secret, scheme = 'SSHA', iterations = 60_000, hash_type =
         salt,
         iterations,
         config[:length],
-        config[:obj]
+        config[:obj],
       )
 
       password = "{PBKDF2-#{config[:name]}}#{iterations}$#{ab64_encode(salt)}$#{ab64_encode(derived_key)}"

lib/puppet/provider/openldap.rb

@@ -13,7 +13,7 @@ def self.slapcat(filter, dn = '', base = 'cn=config')
     arguments = [
       '-b', base,
       '-o', 'ldif-wrap=no',
-      '-H', "ldap:///#{dn}???#{filter}"
+      '-H', "ldap:///#{dn}???#{filter}",
     ]
 
     original_slapcat(*arguments)
@@ -34,11 +34,11 @@ def ldapadd(*args)
   # Unwrap LDIF and return each attribute beginning with "olc" also removing
   # that occurance of "olc" at the beginning.
   def self.get_lines(items)
-    items.strip.
-      gsub("\n ", '').
-      split("\n").
-      grep(%r{^olc}).
-      map { |entry| entry.gsub(%r{^olc}, '') }
+    items.strip
+         .gsub("\n ", '')
+         .split("\n")
+         .grep(%r{^olc})
+         .map { |entry| entry.gsub(%r{^olc}, '') }
   end
 
   def get_lines(*args)
@@ -60,13 +60,13 @@ def get_lines(*args)
   #    ['dn: cn=schema,cn=config', '...']]
   #
   def self.get_entries(items)
-    items.strip.
-      split("\n\n").
-      map do |paragraph|
-        paragraph.
-          gsub("\n ", '').
-          split("\n")
-      end
+    items.strip
+         .split("\n\n")
+         .map do |paragraph|
+           paragraph
+             .gsub("\n ", '')
+             .split("\n")
+         end
   end
 
   def get_entries(*args)

lib/puppet/provider/openldap_access/olc.rb

@@ -6,9 +6,9 @@
 # rubocop:disable Naming/VariableName
 # rubocop:disable Naming/MethodName
 # rubocop:disable Lint/AssignmentInCondition
-Puppet::Type.
-  type(:openldap_access).
-  provide(:olc, parent: Puppet::Provider::Openldap) do
+Puppet::Type
+  .type(:openldap_access)
+  .provide(:olc, parent: Puppet::Provider::Openldap) do
   # TODO: Use ruby bindings (can't find one that support IPC)
 
   defaultfor 'os.family' => %i[debian freebsd redhat suse]
@@ -44,7 +44,7 @@ def self.instances
             position: position,
             what: what,
             access: access,
-            suffix: suffix
+            suffix: suffix,
           )
         end
       end
@@ -133,7 +133,7 @@ def destroy
   end
 
   def initialize(value = {})
-    super(value)
+    super
     @property_flush = {}
   end
 

lib/puppet/provider/openldap_database/olc.rb

@@ -3,9 +3,9 @@
 require File.expand_path(File.join(File.dirname(__FILE__), %w[.. openldap]))
 require 'base64'
 
-Puppet::Type.
-  type(:openldap_database).
-  provide(:olc, parent: Puppet::Provider::Openldap) do
+Puppet::Type
+  .type(:openldap_database)
+  .provide(:olc, parent: Puppet::Provider::Openldap) do
   # TODO: Use ruby bindings (can't find one that support IPC)
 
   defaultfor 'os.family' => %i[debian freebsd redhat suse]
@@ -62,7 +62,7 @@ def self.instances
         when %r{^olcUpdateref: }i
           updateref = line.split[1]
         when %r{^olcLastBind: }
-          lastbind = line.split[1] == 'TRUE' ? :true : :false
+          lastbind = (line.split[1] == 'TRUE') ? :true : :false
         when %r{^olcLastBindPrecision: }
           lastbindprecision = line.split[1]
         when %r{^olcDb\S+: }i
@@ -89,9 +89,9 @@ def self.instances
             end
           end
         when %r{^olcMirrorMode: }
-          mirrormode = line.split[1] == 'TRUE' ? :true : :false
+          mirrormode = (line.split[1] == 'TRUE') ? :true : :false
         when %r{^olcMultiProvider: }
-          multiprovider = line.split[1] == 'TRUE' ? :true : :false
+          multiprovider = (line.split[1] == 'TRUE') ? :true : :false
         when %r{^olcSyncUseSubentry: }
           syncusesubentry = line.split(' ', 2)[1]
         when %r{^olcSyncrepl: }
@@ -134,7 +134,7 @@ def self.instances
         syncusesubentry: syncusesubentry,
         syncrepl: syncrepl,
         limits: limits,
-        security: security
+        security: security,
       )
     end
   end
@@ -171,11 +171,11 @@ def destroy
 
     `service slapd stop`
     File.delete("#{default_confdir}/cn=config/olcDatabase={#{@property_hash[:index]}}#{backend}.ldif")
-    slapcat("(objectClass=olc#{backend.to_s.capitalize}Config)").
-      split("\n").
-      grep(%r{^dn: }).
-      select { |dn| dn.match(%r{^dn: olcDatabase={(\d+)}#{backend},cn=config$}).captures[0].to_i > @property_hash[:index] }.
-      each do |dn|
+    slapcat("(objectClass=olc#{backend.to_s.capitalize}Config)")
+      .split("\n")
+      .grep(%r{^dn: })
+      .select { |dn| dn.match(%r{^dn: olcDatabase={(\d+)}#{backend},cn=config$}).captures[0].to_i > @property_hash[:index] }
+      .each do |dn|
       index = dn[%r{\d+}].to_i
       old_filename = "#{default_confdir}/cn=config/olcDatabase={#{index}}#{backend}.ldif"
       new_filename = "#{default_confdir}/cn=config/olcDatabase={#{index - 1}}#{backend}.ldif"
@@ -246,12 +246,12 @@ def create
     end
     t << "olcRootDN: #{resource[:rootdn]}\n" if resource[:rootdn]
     t << "olcRootPW: #{resource[:rootpw]}\n" if resource[:rootpw]
-    t << "olcReadOnly: #{resource[:readonly] == :true ? 'TRUE' : 'FALSE'}\n" if resource[:readonly]
+    t << "olcReadOnly: #{(resource[:readonly] == :true) ? 'TRUE' : 'FALSE'}\n" if resource[:readonly]
     t << "olcSizeLimit: #{resource[:sizelimit]}\n" if resource[:sizelimit]
     t << "olcDbMaxSize: #{resource[:dbmaxsize]}\n" if resource[:dbmaxsize]
     t << "olcTimeLimit: #{resource[:timelimit]}\n" if resource[:timelimit]
     t << "olcUpdateref: #{resource[:updateref]}\n" if resource[:updateref]
-    t << "olcLastBind: #{resource[:lastbind] == :true ? 'TRUE' : 'FALSE'}\n" if resource[:lastbind]
+    t << "olcLastBind: #{(resource[:lastbind] == :true) ? 'TRUE' : 'FALSE'}\n" if resource[:lastbind]
     t << "olcLastBindPrecision: #{resource[:lastbindprecision]}\n" if resource[:lastbindprecision]
     resource[:dboptions]&.each do |k, v|
       t << case k
@@ -269,9 +269,9 @@ def create
              end
            end
     end
-    t << (resource[:syncrepl].map { |x| "olcSyncrepl: #{x}\n" }.join) if resource[:syncrepl]
-    t << "olcMirrorMode: #{resource[:mirrormode] == :true ? 'TRUE' : 'FALSE'}\n" if resource[:mirrormode]
-    t << "olcMultiProvider: #{resource[:multiprovider] == :true ? 'TRUE' : 'FALSE'}\n" if resource[:multiprovider]
+    t << resource[:syncrepl].map { |x| "olcSyncrepl: #{x}\n" }.join if resource[:syncrepl]
+    t << "olcMirrorMode: #{(resource[:mirrormode] == :true) ? 'TRUE' : 'FALSE'}\n" if resource[:mirrormode]
+    t << "olcMultiProvider: #{(resource[:multiprovider] == :true) ? 'TRUE' : 'FALSE'}\n" if resource[:multiprovider]
     t << "olcSyncUseSubentry: #{resource[:syncusesubentry]}\n" if resource[:syncusesubentry]
     t << "#{resource[:limits].map { |x| "olcLimits: #{x}" }.join("\n")}\n" if resource[:limits] && !resource[:limits].empty?
     t << "#{resource[:security].map { |k, v| "olcSecurity: #{k}=#{v}" }.join("\n")}\n" if resource[:security] && !resource[:security].empty?
@@ -297,14 +297,14 @@ def create
     t.delete
     initdb if resource[:initdb] == :true
     @property_hash[:ensure] = :present
-    slapcat("(&(objectClass=olc#{resource[:backend].to_s.capitalize}Config)(olcSuffix=#{resource[:suffix]}))").
-      split("\n").map do |line|
+    slapcat("(&(objectClass=olc#{resource[:backend].to_s.capitalize}Config)(olcSuffix=#{resource[:suffix]}))")
+      .split("\n").map do |line|
       @property_hash[:index] = line.match(%r{^olcDatabase: \{(\d+)\}#{resource[:backend]}$}).captures[0] if line =~ %r{^olcDatabase: }
     end
   end
 
   def initialize(value = {})
-    super(value)
+    super
     @property_flush = {}
   end
 
@@ -394,7 +394,7 @@ def flush
       t << "replace: olcRootPW\nolcRootPW: #{resource[:rootpw]}\n-\n" if @property_flush[:rootpw]
       t << "replace: olcSuffix\nolcSuffix: #{resource[:suffix]}\n-\n" if @property_flush[:suffix]
       t << "replace: olcRelay\nolcRelay: #{resource[:relay]}\n-\n" if @property_flush[:relay]
-      t << "replace: olcReadOnly\nolcReadOnly: #{resource[:readonly] == :true ? 'TRUE' : 'FALSE'}\n-\n" if @property_flush[:readonly]
+      t << "replace: olcReadOnly\nolcReadOnly: #{(resource[:readonly] == :true) ? 'TRUE' : 'FALSE'}\n-\n" if @property_flush[:readonly]
       t << "replace: olcSizeLimit\nolcSizeLimit: #{resource[:sizelimit]}\n-\n" if @property_flush[:sizelimit]
       t << "replace: olcTimeLimit\nolcTimeLimit: #{resource[:timelimit]}\n-\n" if @property_flush[:timelimit]
       t << "replace: olcDbMaxSize\nolcDbMaxSize: #{resource[:dbmaxsize]}\n-\n" if @property_flush[:dbmaxsize]
@@ -434,10 +434,10 @@ def flush
       end
       t << "replace: olcSyncrepl\n#{resource[:syncrepl].map { |x| "olcSyncrepl: #{x}" }.join("\n")}\n-\n" if @property_flush[:syncrepl]
       t << "replace: olcUpdateref\nolcUpdateref: #{resource[:updateref]}\n-\n" if @property_flush[:updateref]
-      t << "replace: olcLastBind\nolcLastBind: #{resource[:lastbind] == :true ? 'TRUE' : 'FALSE'}\n-\n" if @property_flush[:lastbind]
+      t << "replace: olcLastBind\nolcLastBind: #{(resource[:lastbind] == :true) ? 'TRUE' : 'FALSE'}\n-\n" if @property_flush[:lastbind]
       t << "replace: olcLastBindPrecision\nolcLastBindPrecision: #{resource[:lastbindprecision]}\n" if @property_flush[:lastbindprecision]
-      t << "replace: olcMirrorMode\nolcMirrorMode: #{resource[:mirrormode] == :true ? 'TRUE' : 'FALSE'}\n-\n" if @property_flush[:mirrormode]
-      t << "replace: olcMultiProvider\nolcMultiProvider: #{resource[:multiprovider] == :true ? 'TRUE' : 'FALSE'}\n-\n" if @property_flush[:multiprovider]
+      t << "replace: olcMirrorMode\nolcMirrorMode: #{(resource[:mirrormode] == :true) ? 'TRUE' : 'FALSE'}\n-\n" if @property_flush[:mirrormode]
+      t << "replace: olcMultiProvider\nolcMultiProvider: #{(resource[:multiprovider] == :true) ? 'TRUE' : 'FALSE'}\n-\n" if @property_flush[:multiprovider]
       t << "replace: olcSyncUseSubentry\nolcSyncUseSubentry: #{resource[:syncusesubentry]}\n-\n" if @property_flush[:syncusesubentry]
       t << "replace: olcLimits\n#{@property_flush[:limits].map { |x| "olcLimits: #{x}" }.join("\n")}\n-\n" if @property_flush[:limits]
       t << "replace: olcSecurity\n#{@property_flush[:security].map { |k, v| "olcSecurity: #{k}=#{v}" }.join("\n")}\n-\n" if @property_flush[:security]

lib/puppet/provider/openldap_dbindex/olc.rb

@@ -5,9 +5,9 @@
 # rubocop:disable Naming/VariableName
 # rubocop:disable Naming/MethodName
 # rubocop:disable Lint/AssignmentInCondition
-Puppet::Type.
-  type(:openldap_dbindex).
-  provide(:olc, parent: Puppet::Provider::Openldap) do
+Puppet::Type
+  .type(:openldap_dbindex)
+  .provide(:olc, parent: Puppet::Provider::Openldap) do
   # TODO: Use ruby bindings (can't find one that support IPC)
 
   defaultfor 'os.family' => %i[debian freebsd redhat suse]
@@ -32,7 +32,7 @@ def self.instances
             ensure: :present,
             attribute: attrlist,
             suffix: suffix,
-            indices: indices
+            indices: indices,
           )
         end
       end