.fixtures.yml

@@ -8,7 +8,6 @@ fixtures:
     postgresql:       'git://github.com/puppetlabs/puppetlabs-postgresql'
     puppet:           'git://github.com/theforeman/puppet-puppet'
     stdlib:           'git://github.com/puppetlabs/puppetlabs-stdlib'
-    tftp:             'git://github.com/theforeman/puppet-tftp'
 
 
   symlinks:

.gitignore

@@ -30,6 +30,7 @@ vendor/
 
 ## rspec
 spec/fixtures/
+junit/
 
 ## Puppet module
 pkg/

.pmtignore

@@ -0,0 +1,51 @@
+# This file is managed centrally by modulesync
+#   https://github.com/theforeman/foreman-installer-modulesync
+
+## MAC OS
+.DS_Store
+
+## TEXTMATE
+*.tmproj
+tmtags
+
+## EMACS
+*~
+\#*
+.\#*
+
+## VIM
+*.swp
+*.swo
+tags
+
+## Bundler
+Gemfile.lock
+.bundle
+vendor/
+
+## rbenv / rvm
+.rbenv*
+.rvmrc*
+.ruby-*
+
+## rspec
+spec/fixtures/
+junit/
+
+## Puppet module
+pkg/
+coverage/
+.yardoc/
+
+## InteliJ / RubyMine
+.idea
+
+## Beaker
+.vagrant/
+log/
+
+# Files we don't want to ship in a release
+CONTRIBUTING.md
+Gemfile
+Rakefile
+spec/

.sync.yml

@@ -28,7 +28,3 @@ spec/spec_helper.rb:
     end
 
     Dir["./spec/support/**/*.rb"].sort.each { |f| require f }
-spec/spec_helper_acceptance.rb:
-  modules:
-    - puppet-extlib
-    - puppetlabs-apt

.travis.yml

@@ -2,26 +2,20 @@
 # This file is managed centrally by modulesync
 #   https://github.com/theforeman/foreman-installer-modulesync
 rvm:
-  - 2.1.5
+  - 2.1.9
+  - 2.2.6
+  - 2.3.0
+  - 2.4.1
 env:
+  matrix:
+    - PUPPET_VERSION=4.9
   global:
     - PARALLEL_TEST_PROCESSORS=16
-  matrix:
-    # First test the major distros
-    - PUPPET_VERSION=4.6 ONLY_OS=centos-6-x86_64,centos-7-x86_64,debian-7-x86_64,debian-8-x86_64,ubuntu-14-x86_64,ubuntu-14.04-x86_64,ubuntu-16-x86_64,ubuntu-16.04-x86_64
-    # Test the rest of the supported platforms
-    - PUPPET_VERSION=4.6 EXCLUDE_OS=centos-6-x86_64,centos-7-x86_64,debian-7-x86_64,debian-8-x86_64,ubuntu-14-x86_64,ubuntu-14.04-x86_64,ubuntu-16-x86_64,ubuntu-16.04-x86_64,scientific-6-x86_64,scientific-7-x86_64
 matrix:
   fast_finish: true
   include:
-    - rvm: 2.2.6
-      env: PUPPET_VERSION=4.6 ONLY_OS="debian-8-x86_64,centos-7-x86_64,ubuntu-16-x86_64,ubuntu-16.04-x86_64,freebsd-10-amd64,windows-2012 R2-x64"
-    - rvm: 2.3.0
-      env: PUPPET_VERSION=4.6 ONLY_OS="debian-8-x86_64,centos-7-x86_64,ubuntu-16-x86_64,ubuntu-16.04-x86_64,freebsd-10-amd64,windows-2012 R2-x64"
-    - rvm: 2.4.1
-      env: PUPPET_VERSION=4.6 ONLY_OS="debian-8-x86_64,centos-7-x86_64,ubuntu-16-x86_64,ubuntu-16.04-x86_64,freebsd-10-amd64,windows-2012 R2-x64"
     - rvm: 2.4.1
-      env: PUPPET_VERSION=5.0 ONLY_OS="debian-8-x86_64,centos-7-x86_64,ubuntu-16-x86_64,ubuntu-16.04-x86_64,freebsd-10-amd64,windows-2012 R2-x64"
+      env: PUPPET_VERSION=5.0
     # Acceptance tests
     - rvm: 2.3.1
       dist: trusty

CHANGELOG.md

@@ -1,5 +1,41 @@
 # Changelog
 
+## [9.0.0](https://github.com/theforeman/puppet-foreman/tree/9.0.0) (2018-01-25)
+[Full Changelog](https://github.com/theforeman/puppet-foreman/compare/8.1.1...9.0.0)
+
+**Breaking changes:**
+
+- Convert ipa and sssd facts to structured facts [\#618](https://github.com/theforeman/puppet-foreman/pull/618) ([ekohl](https://github.com/ekohl))
+- Fixes [\#18757](https://projects.theforeman.org/issues/18757) - Handle dynflow service in foreman core [\#602](https://github.com/theforeman/puppet-foreman/pull/602) ([ekohl](https://github.com/ekohl))
+- Remove discovery image downloading [\#583](https://github.com/theforeman/puppet-foreman/pull/583) ([ekohl](https://github.com/ekohl))
+
+**Implemented enhancements:**
+
+- Use puppet4 functions-api [\#623](https://github.com/theforeman/puppet-foreman/pull/623) ([juliantodt](https://github.com/juliantodt))
+- Refs [\#22165](https://projects.theforeman.org/issues/22165) - Add installer support for disabling hsts [\#614](https://github.com/theforeman/puppet-foreman/pull/614) ([tbrisker](https://github.com/tbrisker))
+- remove EOL OSes, add new ones [\#607](https://github.com/theforeman/puppet-foreman/pull/607) ([mmoll](https://github.com/mmoll))
+- Add unattended\_url parameter [\#606](https://github.com/theforeman/puppet-foreman/pull/606) ([matonb](https://github.com/matonb))
+- Manage puppetdb\_api\_version config entry [\#604](https://github.com/theforeman/puppet-foreman/pull/604) ([treydock](https://github.com/treydock))
+- Fixes [\#21023](https://projects.theforeman.org/issues/21023) - Update start-timeout to 90 [\#603](https://github.com/theforeman/puppet-foreman/pull/603) ([chris1984](https://github.com/chris1984))
+- Fixes [\#20819](https://projects.theforeman.org/issues/20819) - Allow turning task cleanup cron on and off [\#582](https://github.com/theforeman/puppet-foreman/pull/582) ([adamruzicka](https://github.com/adamruzicka))
+- Add ability to set SSLProtocol for Apache vhost [\#600](https://github.com/theforeman/puppet-foreman/pull/600) ([ehelms](https://github.com/ehelms))
+
+**Fixed bugs:**
+
+- fixes [\#22196](https://projects.theforeman.org/issues/22196) - use ssl chain for hammer if available [\#615](https://github.com/theforeman/puppet-foreman/pull/615) ([stbenjam](https://github.com/stbenjam))
+- Change to safe working directory in external\_node\_v2.rb [\#612](https://github.com/theforeman/puppet-foreman/pull/612) ([antaflos](https://github.com/antaflos))
+- Fixes [\#21072](https://projects.theforeman.org/issues/21072) - build apipie cache after plugins [\#592](https://github.com/theforeman/puppet-foreman/pull/592) ([mbacovsky](https://github.com/mbacovsky))
+
+## 8.1.1
+* New classes to install Foreman plugins:
+    * Add foreman::plugin::foreman_userdata
+    * Add foreman::plugin::foreman_snapshot_management
+* Other changes and fixes:
+    * Add retry to foreman reporting script
+    * Add the ability to get data by using the proxy SSL authentication configuration
+    * Allow configuring Dynflow pool size
+    * Bump allowed version of puppet-extlib to 3.0.0
+
 ## 8.1.0
 * Other changes and fixes:
     * update node.rb for Puppet5 env fact

CONTRIBUTING.md

@@ -17,10 +17,10 @@ Checklist (and a short version for the impatient)
       description (50 characters is the soft limit, excluding ticket
       number(s)), and should skip the full stop.
 
-    - If you have a [http://projects.theforeman.org/projects/puppet-foreman/issues](Redmine issue)
+    - If you have a [https://projects.theforeman.org/projects/puppet-foreman/issues](Redmine issue)
       number, associate the issue in the message.  The first line should start
       with the issue number in the form "fixes #XXXX - rest of message".
-      [More information on the Redmine style](http://projects.theforeman.org/projects/foreman/wiki/Reviewing_patches-commit_message_format).
+      [More information on the Redmine style](https://projects.theforeman.org/projects/foreman/wiki/Reviewing_patches-commit_message_format).
       Tickets are not required for our installer Puppet modules.
 
     - If you have a GitHub issue number, associate the issue in the message.
@@ -108,9 +108,9 @@ The long version
       is merged in.
 
       GitHub has some pretty good
-      [general documentation](http://help.github.com/) on using
+      [general documentation](https://help.github.com/) on using
       their site.  They also have documentation on
-      [creating pull requests](http://help.github.com/send-pull-requests/).
+      [creating pull requests](https://help.github.com/send-pull-requests/).
 
       In general, after pushing your topic branch up to your
       repository on GitHub, you can switch to the branch in the
@@ -132,10 +132,10 @@ Getting Started
 ---------------
 
 Our puppet modules provide [`Gemfile`](./Gemfile)s which can tell a ruby
-package manager such as [bundler](http://bundler.io/) what Ruby packages,
+package manager such as [bundler](https://bundler.io/) what Ruby packages,
 or Gems, are required to build, develop, and test this software.
 
-Please make sure you have [bundler installed](http://bundler.io/#getting-started)
+Please make sure you have [bundler installed](https://bundler.io/#getting-started)
 on your system, then use it to install all dependencies needed for this project,
 by running
 
@@ -238,11 +238,11 @@ review.
 Additional Resources
 ====================
 
-* [Support and contact details](http://theforeman.org/support.html)
+* [Support and contact details](https://theforeman.org/support.html)
 
-* [General Foreman contribution details](http://theforeman.org/contribute.html)
+* [General Foreman contribution details](https://theforeman.org/contribute.html)
 
-* [General GitHub documentation](http://help.github.com/)
+* [General GitHub documentation](https://help.github.com/)
 
-* [GitHub pull request documentation](http://help.github.com/send-pull-requests/)
+* [GitHub pull request documentation](https://help.github.com/send-pull-requests/)
 

Gemfile

@@ -4,30 +4,32 @@
 source 'https://rubygems.org'
 
 gem 'puppet', ENV.key?('PUPPET_VERSION') ? "~> #{ENV['PUPPET_VERSION']}" : '>= 4.6'
-gem 'facter', ENV.key?('FACTER_VERSION') ? "~> #{ENV['FACTER_VERSION']}" : '~> 2.4.6'
 
 gem 'rake'
 gem 'rspec', '~> 3.0'
+gem 'rdoc', '~> 5.1.0', {"platforms"=>["ruby_21"]}
 gem 'rspec-puppet', '~> 2.3'
 gem 'rspec-puppet-facts', '>= 1.7'
 gem 'puppetlabs_spec_helper', '>= 2.1.1'
 gem 'puppet-lint', '>= 2'
-gem 'puppet-lint-unquoted_string-check'
-gem 'puppet-lint-empty_string-check'
-gem 'puppet-lint-spaceship_operator_without_tag-check'
-gem 'puppet-lint-variable_contains_upcase'
 gem 'puppet-lint-absolute_classname-check'
-gem 'puppet-lint-undef_in_function-check'
-gem 'puppet-lint-leading_zero-check'
-gem 'puppet-lint-trailing_comma-check'
+gem 'puppet-lint-classes_and_types_beginning_with_digits-check'
+gem 'puppet-lint-empty_string-check'
 gem 'puppet-lint-file_ensure-check'
+gem 'puppet-lint-leading_zero-check'
 gem 'puppet-lint-param-docs', '>= 1.3.0'
+gem 'puppet-lint-spaceship_operator_without_tag-check'
+gem 'puppet-lint-strict_indent-check'
+gem 'puppet-lint-trailing_comma-check'
+gem 'puppet-lint-undef_in_function-check'
+gem 'puppet-lint-unquoted_string-check'
+gem 'puppet-lint-variable_contains_upcase'
+gem 'puppet-lint-version_comparison-check'
 gem 'simplecov'
-gem 'puppet-blacksmith', '>= 3.1.0', {"groups"=>["development"]}
-gem 'json', '~> 1.0', {"platforms"=>["ruby_19"], "groups"=>["test"]}
-gem 'json_pure', '~> 1.0', {"platforms"=>["ruby_19"], "groups"=>["test"]}
-gem 'logging', '~> 2.1.0', {"platforms"=>["ruby_19"], "groups"=>["test"]}
+gem 'puppet-blacksmith', '>= 4.1.0', {"groups"=>["development"]}
+gem 'beaker', '>= 3.9.0', {"groups"=>["system_tests"]}
 gem 'beaker-rspec', {"groups"=>["system_tests"]}
+gem 'beaker-module_install_helper', {"groups"=>["system_tests"]}
 gem 'beaker-puppet_install_helper', {"groups"=>["system_tests"]}
 gem 'metadata-json-lint'
 gem 'kafo_module_lint'

README.md

@@ -51,6 +51,7 @@ previous stable release.
 
 ### Foreman version compatibility notes
 
+For Foreman 1.16 or older, please set the `dynflow_in_core` parameter to false.
 For Foreman 1.11 or older, please use the 5.x release series of this module.
 
 ## Types and providers

Rakefile

@@ -9,6 +9,8 @@ begin
   require 'puppet_blacksmith/rake_tasks'
   Blacksmith::RakeTask.new do |t|
     t.tag_pattern = "%s"
+    t.tag_message_pattern = "Version %s"
+    t.tag_sign = true
   end
 rescue LoadError
 end

files/external_node_v2.rb

@@ -338,6 +338,10 @@ def watch_and_send_facts(parallel)
     Process::UID.change_privilege(Etc.getpwnam(puppetuser).uid) unless Etc.getpwuid.name == puppetuser
     # Facter (in thread_count) tries to read from $HOME, which is still /root after the UID change
     ENV['HOME'] = Etc.getpwnam(puppetuser).dir
+    # Change CWD to the determined home directory before continuing to make
+    # sure we don't reside in /root or anywhere else we don't have access
+    # permissions
+    Dir.chdir ENV['HOME']
   rescue
     $stderr.puts "cannot switch to user #{puppetuser}, continuing as '#{Etc.getpwuid.name}'"
   end

files/foreman-report_v2.rb

@@ -36,6 +36,9 @@
   desc "Sends reports directly to Foreman"
 
   def process
+    # Default retry limit is 1.
+    retry_limit = SETTINGS[:report_retry_limit] ? SETTINGS[:report_retry_limit] : 1
+    tries = 0
     begin
       # check for report metrics
       raise(Puppet::ParseError, "Invalid report: can't find metrics information for #{self.host}") if self.metrics.nil?
@@ -65,7 +68,12 @@ def process
       req.body         = {'config_report' => generate_report}.to_json
       response = http.request(req)
     rescue Exception => e
-      raise Puppet::Error, "Could not send report to Foreman at #{foreman_url}/api/config_reports: #{e}\n#{e.backtrace}"
+      if (tries += 1) < retry_limit
+        Puppet.err "Could not send report to Foreman at #{foreman_url}/api/config_reports (attempt #{tries}/#{retry_limit}). Retrying... Stacktrace: #{e}\n#{e.backtrace}"
+        retry
+      else
+        raise Puppet::Error, "Could not send report to Foreman at #{foreman_url}/api/config_reports: #{e}\n#{e.backtrace}"
+      end
     end
   end
 

lib/facter/sssd.rb

@@ -1,46 +1,32 @@
-begin
-  require 'facter/util/sssd'
-rescue LoadError
-  # Puppet 2 compatibility, facter/ dir is the load path, not lib/
-  require 'util/sssd'
-end
+require 'facter/util/sssd'
 
 if defined? Facter::Util::Sssd
-  # == Fact: default_ipa_realm
-  # == Fact: default_ipa_server
-  # == Fact: sssd_services
-  # == Fact: sssd_ldap_user_extra_attrs
-  # == Fact: sssd_allowed_uids
-  # == Fact: sssd_user_attributes
-  #
-  Facter.add(:default_ipa_realm) do
-    setcode do
-      Facter::Util::Sssd.ipa_value('global/realm')
-    end
-  end
-  Facter.add(:default_ipa_server) do
-    setcode do
-      Facter::Util::Sssd.ipa_value('global/server')
+  # == Fact: ipa
+  Facter.add(:ipa, :type => :aggregate) do
+    {
+      :default_realm => 'global/realm',
+      :default_server => 'global/server',
+    }.each do |key, path|
+      chunk(key) do
+        val = Facter::Util::Sssd.ipa_value(path)
+        {key => val} if val
+      end
     end
   end
-  Facter.add(:sssd_services) do
-    setcode do
-      Facter::Util::Sssd.sssd_value('target[.="sssd"]/services')
-    end
-  end
-  Facter.add(:sssd_ldap_user_extra_attrs) do
-    setcode do
-      Facter::Util::Sssd.sssd_value('target[.=~regexp("domain/.*")][1]/ldap_user_extra_attrs')
-    end
-  end
-  Facter.add(:sssd_allowed_uids) do
-    setcode do
-      Facter::Util::Sssd.sssd_value('target[.="ifp"]/allowed_uids')
-    end
-  end
-  Facter.add(:sssd_user_attributes) do
-    setcode do
-      Facter::Util::Sssd.sssd_value('target[.="ifp"]/user_attributes')
+
+  # == Fact: sssd
+  Facter.add(:sssd, :type => :aggregate) do
+    {
+      :services => 'target[.="sssd"]/services',
+      :ldap_user_extra_attrs => 'target[.=~regexp("domain/.*")][1]/ldap_user_extra_attrs',
+      :allowed_uids => 'target[.="ifp"]/allowed_uids',
+      :user_attributes => 'target[.="ifp"]/user_attributes',
+    }.each do |key, path|
+      chunk(key) do
+        val = Facter::Util::Sssd.sssd_value(path)
+        {key => val} if val
+      end
     end
+
   end
 end

lib/facter/util/sssd.rb

@@ -16,7 +16,8 @@ def self.ipa_value(path)
     end
 
     def self.sssd_value(path)
-      aug_value('Sssd.lns', '/etc/sssd/sssd.conf', path)
+      val = aug_value('Sssd.lns', '/etc/sssd/sssd.conf', path)
+      val.split(',').map(&:strip) if val
     end
   end
 rescue LoadError => e