.fixtures.yml

@@ -14,10 +14,9 @@ fixtures:
     puppet:           'https://github.com/theforeman/puppet-puppet'
     redis:            'https://github.com/voxpupuli/puppet-redis'
     systemd:
-      repo: 'https://github.com/camptocamp/puppet-systemd'
-      ref: '2.12.0'
+      repo: 'https://github.com/voxpupuli/puppet-systemd'
     selinux_core:
-      repo: "https://github.com/puppetlabs/puppetlabs-selinux_core"
+      repo: 'https://github.com/puppetlabs/puppetlabs-selinux_core'
       puppet_version: ">= 6.0.0"
     stdlib:           'https://github.com/puppetlabs/puppetlabs-stdlib'
     yumrepo_core:

CHANGELOG.md

@@ -1,5 +1,30 @@
 # Changelog
 
+## [19.0.0](https://github.com/theforeman/puppet-foreman/tree/19.0.0) (2021-11-09)
+
+[Full Changelog](https://github.com/theforeman/puppet-foreman/compare/18.2.0...19.0.0)
+
+**Breaking changes:**
+
+- Drop server\_ssl\_certs\_dir parameter [\#1003](https://github.com/theforeman/puppet-foreman/pull/1003) ([ekohl](https://github.com/ekohl))
+- Fixes [\#33789](https://projects.theforeman.org/issues/33789) - Mark host where the installer is running as foreman [\#965](https://github.com/theforeman/puppet-foreman/pull/965) ([adamruzicka](https://github.com/adamruzicka))
+
+**Implemented enhancements:**
+
+- Refs [\#33760](https://projects.theforeman.org/issues/33760) - Add host\_reports plugin [\#1000](https://github.com/theforeman/puppet-foreman/pull/1000) ([ofedoren](https://github.com/ofedoren))
+- Switch to puppet/systemd [\#997](https://github.com/theforeman/puppet-foreman/pull/997) ([jovandeginste](https://github.com/jovandeginste))
+- Apply version restrictions to all packages [\#996](https://github.com/theforeman/puppet-foreman/pull/996) ([nbarrientos](https://github.com/nbarrientos))
+- Add Ubuntu 20.04 support & drop Ubuntu 18.04 [\#981](https://github.com/theforeman/puppet-foreman/pull/981) ([ekohl](https://github.com/ekohl))
+
+**Fixed bugs:**
+
+- Remove outdated providers docs [\#999](https://github.com/theforeman/puppet-foreman/pull/999) ([alexjfisher](https://github.com/alexjfisher))
+- Fixes [\#33511](https://projects.theforeman.org/issues/33511) - configure redis before dynflow workers [\#995](https://github.com/theforeman/puppet-foreman/pull/995) ([evgeni](https://github.com/evgeni))
+
+**Closed issues:**
+
+- foreman\_config\_entry consuming polluted value [\#989](https://github.com/theforeman/puppet-foreman/issues/989)
+
 ## [18.2.0](https://github.com/theforeman/puppet-foreman/tree/18.2.0) (2021-08-24)
 
 [Full Changelog](https://github.com/theforeman/puppet-foreman/compare/18.1.0...18.2.0)

README.md

@@ -74,25 +74,16 @@ previous stable release.
 
 ### Foreman version compatibility notes
 
-This module targets Foreman 2.4+.
+This module targets Foreman 3.1+.
+The module can be used with Foreman 2.4+ by setting `register_in_foreman => false`.
 
 ## Types and providers
 
 `foreman_config_entry` can be used to manage settings in Foreman's database, as
-seen in _Administer > Settings_. Provides:
-
-* `cli` provider uses `foreman-rake` to change settings (default)
-
-`foreman_hostgroup` can create and manage host group in Foreman's database.
-Providers:
-
-* `rest_v2` provider uses API v2 with apipie-bindings and OAuth (default)
+seen in _Administer > Settings_. The `cli` provider uses `foreman-rake` to change settings.
 
 `foreman_smartproxy` can create and manage registered smart proxies in
-Foreman's database. Providers:
-
-* `rest_v3` provider uses API v2 with Ruby HTTP library, OAuth and JSON (default)
-* `rest_v2` provider uses API v2 with apipie-bindings and OAuth
+Foreman's database. The `rest_v3` provider uses the API with Ruby's HTTP library, OAuth and JSON.
 
 ## Foreman ENC via hiera
 

lib/puppet/provider/foreman_host/rest_v3.rb

@@ -0,0 +1,55 @@
+Puppet::Type.type(:foreman_host).provide(:rest_v3, :parent => Puppet::Type.type(:foreman_resource).provider(:rest_v3)) do
+  confine :feature => [:json, :oauth]
+
+  def exists?
+    !id.nil?
+  end
+
+  def create
+    path = "api/v2/hosts/facts"
+    payload = {
+      :name => resource[:hostname],
+      :certname => resource[:hostname],
+      :facts => resource[:facts]
+    }
+    req = request(:post, path, {}, payload.to_json)
+
+    unless success?(req)
+      error_string = "Error making POST request to Foreman at #{request_uri(path)}: #{error_message(req)}"
+      raise Puppet::Error.new(error_string)
+    end
+  end
+
+  def destroy
+    req = request(:delete, destroy_path, {})
+
+    unless success?(req)
+      error_string = "Error making DELETE request to Foreman at #{request_uri(path)}: #{error_message(req)}"
+      raise Puppet::Error.new(error_string)
+    end
+  end
+
+  def id
+    host['id'] if host
+  end
+
+  def host
+    @host ||= begin
+      path = 'api/v2/hosts'
+      req = request(:get, path, :search => %{name="#{resource[:hostname]}"})
+
+      unless success?(req)
+        error_string = "Error making GET request to Foreman at #{request_uri(path)}: #{error_message(req)}"
+        raise Puppet::Error.new(error_string)
+      end
+
+      JSON.load(req.body)['results'].first
+    end
+  end
+
+  private
+
+  def destroy_path
+    "api/v2/hosts/#{id}"
+  end
+end

lib/puppet/provider/foreman_instance_host/rest_v3.rb

@@ -0,0 +1,30 @@
+Puppet::Type.type(:foreman_instance_host).provide(:rest_v3, :parent => Puppet::Type.type(:foreman_host).provider(:rest_v3)) do
+  confine :feature => [:json, :oauth]
+
+  def exists?
+    return false if host.nil?
+
+    host.fetch('infrastructure_facet', {})['foreman_instance']
+  end
+
+  def create
+    if host.nil?
+      error_string = "Host #{resource[:hostname]} does not exist in Foreman at #{request_uri('')}"
+      raise Puppet::Error.new(error_string)
+    end
+
+    path = "api/v2/instance_hosts/#{resource[:hostname]}"
+    req = request(:put, path, {})
+
+    unless success?(req)
+      error_string = "Error making PUT request to Foreman at #{request_uri(path)}: #{error_message(req)}"
+      raise Puppet::Error.new(error_string)
+    end
+  end
+
+  private
+
+  def destroy_path
+    "api/v2/instance_hosts/#{resource[:hostname]}"
+  end
+end

lib/puppet/provider/foreman_smartproxy_host/rest_v3.rb

@@ -0,0 +1,57 @@
+Puppet::Type.type(:foreman_smartproxy_host).provide(:rest_v3, :parent => Puppet::Type.type(:foreman_host).provider(:rest_v3)) do
+  confine :feature => [:json, :oauth]
+
+  def exists?
+    return false if host.nil? || proxy.nil?
+
+    host['smart_proxy_id'] == proxy_id
+  end
+
+  def create
+    if host.nil?
+      error_string = "Host #{resource[:hostname]} does not exist in Foreman at #{request_uri('')}"
+      raise Puppet::Error.new(error_string)
+    end
+
+    if proxy.nil?
+      error_string = "Proxy #{resource[:hostname]} does not exist in Foreman at #{request_uri('')}"
+      raise Puppet::Error.new(error_string)
+    end
+
+    path = "api/v2/smart_proxies/#{proxy_id}/hosts/#{id}"
+    req = request(:put, path, {})
+
+    unless success?(req)
+      error_string = "Error making PUT request to Foreman at #{request_uri(path)}: #{error_message(req)}"
+      raise Puppet::Error.new(error_string)
+    end
+  end
+
+  def proxy
+    @proxy ||= begin
+      path = 'api/v2/smart_proxies'
+      req = request(:get, path, :search => %{name="#{resource[:hostname]}"})
+
+      unless success?(req)
+        error_string = "Error making GET request to Foreman at #{request_uri(path)}: #{error_message(req)}"
+        raise Puppet::Error.new(error_string)
+      end
+
+      JSON.load(req.body)['results'][0]
+    end
+  end
+
+  def proxy_id
+    proxy['id'] if proxy
+  end
+
+  def host_id
+    host['host_id'] if host
+  end
+
+  private
+
+  def destroy_path
+    "api/v2/smart_proxies/#{proxy_id}/hosts/#{host_id}"
+  end
+end

lib/puppet/type/foreman_host.rb

@@ -0,0 +1,13 @@
+require_relative '../../puppet_x/foreman/common'
+
+Puppet::Type.newtype(:foreman_host) do
+  desc 'foreman_host creates a host in foreman.'
+
+  instance_eval(&PuppetX::Foreman::Common::FOREMAN_HOST_PARAMS)
+
+  newparam(:facts) do
+    desc 'Hash of facts about the host'
+
+    defaultto { $facts }
+  end
+end

lib/puppet/type/foreman_instance_host.rb

@@ -0,0 +1,11 @@
+require_relative '../../puppet_x/foreman/common'
+
+Puppet::Type.newtype(:foreman_instance_host) do
+  desc 'foreman_instance_host marks a host as belonging to the set of hosts that make up the Foreman instance/application'
+
+  instance_eval(&PuppetX::Foreman::Common::FOREMAN_HOST_PARAMS)
+
+  autorequire(:foreman_host) do
+    [self[:name]]
+  end
+end

lib/puppet/type/foreman_smartproxy_host.rb

@@ -0,0 +1,15 @@
+require_relative '../../puppet_x/foreman/common'
+
+Puppet::Type.newtype(:foreman_smartproxy_host) do
+  desc 'foreman_smartproxy_host marks a host as a smart proxy.'
+
+  instance_eval(&PuppetX::Foreman::Common::FOREMAN_HOST_PARAMS)
+
+  autorequire(:foreman_host) do
+    [self[:name]]
+  end
+
+  autorequire(:foreman_smartproxy) do
+    [self[:hostname]]
+  end
+end

lib/puppet_x/foreman/common.rb

@@ -0,0 +1,57 @@
+module PuppetX
+  module Foreman
+    module Common
+      FOREMAN_HOST_PARAMS = Proc.new do
+        ensurable
+
+        newparam(:name, :namevar => true) do
+          desc 'The name of the resource.'
+        end
+
+        newparam(:hostname) do
+          desc 'The name of the host.'
+        end
+
+        newparam(:base_url) do
+          desc 'Foreman\'s base url.'
+        end
+
+        newparam(:effective_user) do
+          desc 'Foreman\'s effective user for the registration (usually admin).'
+        end
+
+        newparam(:consumer_key) do
+          desc 'Foreman oauth consumer_key'
+        end
+
+        newparam(:consumer_secret) do
+          desc 'Foreman oauth consumer_secret'
+        end
+
+        newparam(:ssl_ca) do
+          desc 'Foreman SSL CA (certificate authority) for verification'
+        end
+
+        newparam(:timeout) do
+          desc "Timeout for HTTP(s) requests"
+
+          munge do |value|
+            value = value.shift if value.is_a?(Array)
+            begin
+              value = Integer(value)
+            rescue ArgumentError
+              raise ArgumentError, "The timeout must be a number.", $!.backtrace
+            end
+            [value, 0].max
+          end
+
+          defaultto 500
+        end
+
+        autorequire(:anchor) do
+          ['foreman::service']
+        end
+      end
+    end
+  end
+end

manifests/config.pp

@@ -12,6 +12,7 @@
     } else {
       include redis
       $dynflow_redis_url = "redis://localhost:${redis::port}/6"
+      Class['redis'] -> Service <| tag == 'foreman::dynflow::worker' |>
     }
 
     file { '/etc/foreman/dynflow':
@@ -124,7 +125,6 @@
       ssl_ca             => $foreman::server_ssl_ca,
       ssl_chain          => $foreman::server_ssl_chain,
       ssl_cert           => $foreman::server_ssl_cert,
-      ssl_certs_dir      => $foreman::server_ssl_certs_dir,
       ssl_key            => $foreman::server_ssl_key,
       ssl_crl            => $foreman::server_ssl_crl,
       ssl_protocol       => $foreman::server_ssl_protocol,

manifests/config/apache.pp

@@ -24,9 +24,6 @@
 # @param ssl_cert
 #   Location of the SSL certificate file.
 #
-# @param ssl_certs_dir
-#   Location of additional certificates for SSL client authentication.
-#
 # @param ssl_key
 #   Location of the SSL key file.
 #
@@ -104,7 +101,6 @@
   Optional[Stdlib::Absolutepath] $ssl_ca = undef,
   Optional[Stdlib::Absolutepath] $ssl_chain = undef,
   Optional[Stdlib::Absolutepath] $ssl_cert = undef,
-  Variant[Undef, Enum[''], Stdlib::Absolutepath] $ssl_certs_dir = undef,
   Optional[Stdlib::Absolutepath] $ssl_key = undef,
   Variant[Undef, Enum[''], Stdlib::Absolutepath] $ssl_crl = undef,
   Optional[String] $ssl_protocol = undef,
@@ -301,7 +297,6 @@
       serveraliases         => $serveraliases,
       ssl                   => true,
       ssl_cert              => $ssl_cert,
-      ssl_certs_dir         => $ssl_certs_dir,
       ssl_key               => $ssl_key,
       ssl_chain             => $ssl_chain,
       ssl_ca                => $ssl_ca,