.fixtures.yml

@@ -1,7 +1,13 @@
 fixtures:
   repositories:
     apt:      'https://github.com/puppetlabs/puppetlabs-apt'
+    augeas_core:
+      repo: 'https://github.com/puppetlabs/puppetlabs-augeas_core'
+      puppet_version: '>= 6.0.0'
     concat:   'https://github.com/puppetlabs/puppetlabs-concat'
+    cron_core:
+      repo: "https://github.com/puppetlabs/puppetlabs-cron_core"
+      puppet_version: ">= 6.0.0"
     datacat:  'https://github.com/richardc/puppet-datacat'
     dhcp:     'https://github.com/theforeman/puppet-dhcp'
     dns:      'https://github.com/theforeman/puppet-dns'
@@ -13,3 +19,6 @@ fixtures:
     systemd:  'https://github.com/camptocamp/puppet-systemd'
     tftp:     'https://github.com/theforeman/puppet-tftp'
     xinetd:   'https://github.com/puppetlabs/puppetlabs-xinetd'
+    yumrepo_core:
+      repo: "https://github.com/puppetlabs/puppetlabs-yumrepo_core"
+      puppet_version: ">= 6.0.0"

.sync.yml

@@ -15,3 +15,5 @@ Rakefile:
   param_docs_pattern:
     - manifests/init.pp
     - manifests/plugin/**/*.pp
+spec/spec_helper_acceptance.rb:
+  install_epel: true

.travis.yml

@@ -17,18 +17,56 @@ matrix:
       env: PUPPET_VERSION=5.0
     - rvm: 2.5.1
       env: PUPPET_VERSION=5.0
+    - rvm: 2.5.1
+      env: PUPPET_VERSION=6.0
     # Acceptance tests
     - rvm: 2.5.1
-      dist: trusty
-      env: PUPPET_INSTALL_TYPE=agent BEAKER_IS_PE=no BEAKER_PUPPET_COLLECTION=puppet5 BEAKER_debug=true BEAKER_setfile=centos7-64{hypervisor=docker\,hostname=centos7-64.example.com}
+      env:
+        - BEAKER_PUPPET_COLLECTION=puppet5
+        - BEAKER_setfile=centos7-64{hostname=centos7-64.example.com}
+      script: bundle exec rake beaker
+      services: docker
+      bundler_args: --without development
+      before_install:
+        - echo '{"ipv6":true,"fixed-cidr-v6":"2001:db8:1::/64"}' | sudo tee /etc/docker/daemon.json
+        - sudo service docker restart
+
+    - rvm: 2.5.1
+      env:
+        - BEAKER_PUPPET_COLLECTION=puppet6
+        - BEAKER_setfile=centos7-64{hostname=centos7-64.example.com}
+      script: bundle exec rake beaker
+      services: docker
+      bundler_args: --without development
+      before_install:
+        - echo '{"ipv6":true,"fixed-cidr-v6":"2001:db8:1::/64"}' | sudo tee /etc/docker/daemon.json
+        - sudo service docker restart
+
+    - rvm: 2.5.1
+      env:
+        - BEAKER_PUPPET_COLLECTION=puppet5
+        - BEAKER_setfile=debian9-64{hostname=debian9-64.example.com}
       script: bundle exec rake beaker
       services: docker
       bundler_args: --without development
+      before_install:
+        - echo '{"ipv6":true,"fixed-cidr-v6":"2001:db8:1::/64"}' | sudo tee /etc/docker/daemon.json
+        - sudo service docker restart
+
     - rvm: 2.5.1
-      dist: trusty
-      env: PUPPET_INSTALL_TYPE=agent BEAKER_IS_PE=no BEAKER_PUPPET_COLLECTION=puppet5 BEAKER_debug=true BEAKER_setfile=debian9-64{hypervisor=docker\,hostname=debian9-64.example.com}
+      env:
+        - BEAKER_PUPPET_COLLECTION=puppet6
+        - BEAKER_setfile=debian9-64{hostname=debian9-64.example.com}
       script: bundle exec rake beaker
       services: docker
       bundler_args: --without development
+      before_install:
+        - echo '{"ipv6":true,"fixed-cidr-v6":"2001:db8:1::/64"}' | sudo tee /etc/docker/daemon.json
+        - sudo service docker restart
+
 bundler_args: --without system_tests development
+before_install:
+  - if [ $TRAVIS_RUBY_VERSION = 2.1.9 ] ; then
+      gem install -v 1.17.3 bundler --no-rdoc --no-ri;
+    fi
 sudo: false

CHANGELOG.md

@@ -1,5 +1,36 @@
 # Changelog
 
+## [10.0.0](https://github.com/theforeman/puppet-foreman_proxy/tree/10.0.0) (2019-01-15)
+
+[Full Changelog](https://github.com/theforeman/puppet-foreman_proxy/compare/9.0.0...10.0.0)
+
+**Breaking changes:**
+
+- Remove puppetca\_modular parameter [\#476](https://github.com/theforeman/puppet-foreman_proxy/pull/476) ([ekohl](https://github.com/ekohl))
+- Remove the default gateway [\#475](https://github.com/theforeman/puppet-foreman_proxy/pull/475) ([ekohl](https://github.com/ekohl))
+- Disable repository management by default [\#472](https://github.com/theforeman/puppet-foreman_proxy/pull/472) ([ekohl](https://github.com/ekohl))
+- Fixes [\#25591](https://projects.theforeman.org/issues/25591) - Remove $use\_ranges from infoblox dhcp [\#471](https://github.com/theforeman/puppet-foreman_proxy/pull/471) ([ekohl](https://github.com/ekohl))
+
+**Implemented enhancements:**
+
+- Allow foreman and puppet 11.x versions [\#478](https://github.com/theforeman/puppet-foreman_proxy/pull/478) ([ekohl](https://github.com/ekohl))
+- Add support for SSH BMC provider [\#470](https://github.com/theforeman/puppet-foreman_proxy/pull/470) ([mzhaase](https://github.com/mzhaase))
+- Use modern facts and IP address validation [\#469](https://github.com/theforeman/puppet-foreman_proxy/pull/469) ([ekohl](https://github.com/ekohl))
+- Add Puppet 6 support [\#468](https://github.com/theforeman/puppet-foreman_proxy/pull/468) ([ekohl](https://github.com/ekohl))
+- Add setting for openscap report upload timeout [\#467](https://github.com/theforeman/puppet-foreman_proxy/pull/467) ([xprazak2](https://github.com/xprazak2))
+- realm\_ad: Allow using unspecified DC [\#464](https://github.com/theforeman/puppet-foreman_proxy/pull/464) ([ananace](https://github.com/ananace))
+- Install foreman-proxy-journald when JOURNALD is set [\#461](https://github.com/theforeman/puppet-foreman_proxy/pull/461) ([lzap](https://github.com/lzap))
+- namespace extlib functions [\#460](https://github.com/theforeman/puppet-foreman_proxy/pull/460) ([mmoll](https://github.com/mmoll))
+
+**Fixed bugs:**
+
+- Fixes [\#25460](https://projects.theforeman.org/issues/25460) - only set the bind\_host to :: if IPv6 is available [\#466](https://github.com/theforeman/puppet-foreman_proxy/pull/466) ([evgeni](https://github.com/evgeni))
+- fixes [\#24653](https://projects.theforeman.org/issues/24653) - only use grub mkimage on RHEL 7.4 [\#446](https://github.com/theforeman/puppet-foreman_proxy/pull/446) ([stbenjam](https://github.com/stbenjam))
+
+**Merged pull requests:**
+
+- Refs [\#25825](https://projects.theforeman.org/issues/25825) - Add tests around BMC SSH parameters [\#477](https://github.com/theforeman/puppet-foreman_proxy/pull/477) ([ekohl](https://github.com/ekohl))
+
 ## [9.0.0](https://github.com/theforeman/puppet-foreman_proxy/tree/9.0.0) (2018-10-18)
 
 [Full Changelog](https://github.com/theforeman/puppet-foreman_proxy/compare/8.0.2...9.0.0)

Gemfile

@@ -25,9 +25,9 @@ gem 'puppet-lint-unquoted_string-check'
 gem 'puppet-lint-variable_contains_upcase'
 gem 'puppet-lint-version_comparison-check'
 gem 'simplecov'
-gem 'github_changelog_generator', {"git"=>"https://github.com/skywinder/github-changelog-generator", "ref"=>"20ee04ba1234e9e83eb2ffb5056e23d641c7a018", "groups"=>["development"]}
+gem 'github_changelog_generator', {"git"=>"https://github.com/skywinder/github-changelog-generator", "ref"=>"20ee04ba1234e9e83eb2ffb5056e23d641c7a018", "groups"=>["development"]} if RUBY_VERSION >= '2.2.2'
 gem 'puppet-blacksmith', '>= 4.1.0', {"groups"=>["development"]}
-gem 'beaker', '>= 4.0.0', {"groups"=>["system_tests"]}
+gem 'beaker', '>= 4.2.0', {"groups"=>["system_tests"]}
 gem 'beaker-docker', {"groups"=>["system_tests"]}
 gem 'beaker-hostgenerator', '>= 1.1.10', {"groups"=>["system_tests"]}
 gem 'beaker-puppet', {"groups"=>["system_tests"]}
@@ -36,7 +36,6 @@ gem 'beaker-module_install_helper', {"groups"=>["system_tests"]}
 gem 'beaker-puppet_install_helper', {"groups"=>["system_tests"]}
 gem 'metadata-json-lint'
 gem 'kafo_module_lint'
-gem 'rgen'
 gem 'parallel_tests'
 gem 'facterdb', '0.5.0'
 

README.md

@@ -1,3 +1,6 @@
+[![Puppet Forge](https://img.shields.io/puppetforge/v/theforeman/foreman_proxy.svg)](https://forge.puppetlabs.com/theforeman/foreman_proxy)
+[![Build Status](https://travis-ci.org/theforeman/puppet-foreman_proxy.svg?branch=master)](https://travis-ci.org/theforeman/puppet-foreman_proxy)
+
 # Puppet module for managing the Foreman Smart Proxy
 
 Installs and configures the Foreman Smart Proxy and services that it can
@@ -9,23 +12,13 @@ Part of the Foreman installer: <https://github.com/theforeman/foreman-installer>
 
 | Module version | Proxy versions | Notes                                           |
 |----------------|----------------|-------------------------------------------------|
-| 5.x            | 1.16 and newer | See compatibility notes here for 1.16-1.18      |
+| 10.x           | 1.19 and newer |                                                 |
+| 5.x - 9.x      | 1.16 - 1.20    | See compatibility notes here for 1.16-1.18      |
 | 4.x            | 1.12 - 1.17    | See compatibility notes in its README for 1.15+ |
 | 3.x            | 1.11           |                                                 |
 | 2.x            | 1.5 - 1.10     |                                                 |
 | 1.x            | 1.4 and older  |                                                 |
 
-### Compatibility notes for Smart Proxy < 1.18
-
-On Smart Proxy 1.16, 1.17 & 1.18, also set
-
-```puppet
-puppetca_modular => false,
-```
-
-to ensure that it only uses the `puppetca.yml` configuration not the provider settings files.
-
-
 ## Examples
 
 ### Minimal setup for Puppet/PuppetCA Smart Proxy

manifests/config.pp

@@ -79,6 +79,8 @@
       'puppet_proxy_puppetrun',
       'puppet_proxy_salt',
       'puppet_proxy_ssh',
+      'puppetca_hostname_whitelisting',
+      'puppetca_token_whitelisting',
     ]:
       module => false,
   }
@@ -87,14 +89,6 @@
     feature   => 'Puppet CA',
     listen_on => $::foreman_proxy::puppetca_listen_on,
   }
-  if $::foreman_proxy::puppetca_modular {
-    foreman_proxy::settings_file { [
-        'puppetca_hostname_whitelisting',
-        'puppetca_token_whitelisting',
-      ]:
-        module => false,
-    }
-  }
   foreman_proxy::settings_file { 'realm':
     enabled   => $::foreman_proxy::realm,
     feature   => 'Realm',

manifests/init.pp

@@ -2,14 +2,6 @@
 #
 # === Parameters:
 #
-# $repo::                       This can be stable, rc, or nightly
-#
-# $gpgcheck::                   Turn on/off gpg check in repo files (effective only on RedHat family systems)
-#
-# $custom_repo::                No need to change anything here by default
-#                               if set to true, no repo will be added by this module, letting you to
-#                               set it to some custom location.
-#
 # $version::                    foreman package version, it's passed to ensure parameter of package resource
 #                               can be set to specific version number, 'latest', 'present' etc.
 #
@@ -243,6 +235,18 @@
 #
 # $bmc_default_provider::       BMC default provider.
 #
+# $bmc_ssh_user::               BMC SSH user.
+#
+# $bmc_ssh_key::                BMC SSH key location.
+#
+# $bmc_ssh_powerstatus::        BMC SSH powerstatus command.
+#
+# $bmc_ssh_powercycle::         BMC SSH powercycle command.
+#
+# $bmc_ssh_poweroff::           BMC SSH poweroff command.
+#
+# $bmc_ssh_poweron::            BMC SSH poweron command.
+#
 # $keyfile::                    DNS server keyfile path
 #
 # $realm::                      Enable realm management feature
@@ -277,6 +281,10 @@
 #
 # === Advanced parameters:
 #
+# $repo::                       Which repository to use. Can be a specific version or nightly. Will not configure anything when undefined.
+#
+# $gpgcheck::                   Turn on/off gpg check in repo files (effective only on RedHat family systems)
+#
 # $dhcp_failover_address::      Address for DHCP to listen for connections from its peer
 #
 # $dhcp_failover_port::         Port for DHCP to listen & communicate with it DHCP peer
@@ -293,8 +301,6 @@
 #
 # $dhcp_manage_acls::           Whether to manage DHCP directory ACLs. This allows the Foreman Proxy user to access even if the directory mode is 0750.
 #
-# $puppetca_modular::           Whether the PuppetCa implementation is modular. This is true for 1.19 or later.
-#
 # $puppetca_provider::          Whether to use puppetca_hostname_whitelisting or puppetca_token_whitelisting
 #
 # $puppetca_sign_all::          Token-whitelisting only: Whether to sign all CSRs without checking their token
@@ -304,9 +310,8 @@
 # $puppetca_certificate::       Token-whitelisting only: Certificate to use when encrypting tokens (undef to use SSL certificate)
 #
 class foreman_proxy (
-  String $repo = $::foreman_proxy::params::repo,
+  Optional[String] $repo = $::foreman_proxy::params::repo,
   Boolean $gpgcheck = $::foreman_proxy::params::gpgcheck,
-  Boolean $custom_repo = $::foreman_proxy::params::custom_repo,
   String $version = $::foreman_proxy::params::version,
   Enum['latest', 'present', 'installed', 'absent'] $ensure_packages_version = $::foreman_proxy::params::ensure_packages_version,
   Enum['latest', 'present', 'installed', 'absent'] $plugin_version = $::foreman_proxy::params::plugin_version,
@@ -340,7 +345,6 @@
   Stdlib::Absolutepath $puppetdir = $::foreman_proxy::params::puppetdir,
   String $puppetca_cmd = $::foreman_proxy::params::puppetca_cmd,
   String $puppet_group = $::foreman_proxy::params::puppet_group,
-  Boolean $puppetca_modular = $::foreman_proxy::params::puppetca_modular,
   String $puppetca_provider = $::foreman_proxy::params::puppetca_provider,
   Stdlib::Absolutepath $autosignfile = $::foreman_proxy::params::autosignfile,
   Boolean $puppetca_sign_all = $::foreman_proxy::params::puppetca_sign_all,
@@ -430,7 +434,13 @@
   String $libvirt_connection = $::foreman_proxy::params::libvirt_connection,
   Boolean $bmc = $::foreman_proxy::params::bmc,
   Foreman_proxy::ListenOn $bmc_listen_on = $::foreman_proxy::params::bmc_listen_on,
-  Enum['ipmitool', 'freeipmi', 'shell'] $bmc_default_provider = $::foreman_proxy::params::bmc_default_provider,
+  Enum['ipmitool', 'freeipmi', 'shell', 'ssh'] $bmc_default_provider = $::foreman_proxy::params::bmc_default_provider,
+  String $bmc_ssh_user = $::foreman_proxy::params::bmc_ssh_user,
+  Stdlib::Absolutepath $bmc_ssh_key = $::foreman_proxy::params::bmc_ssh_key,
+  String $bmc_ssh_powerstatus = $::foreman_proxy::params::bmc_ssh_powerstatus,
+  String $bmc_ssh_powercycle = $::foreman_proxy::params::bmc_ssh_powercycle,
+  String $bmc_ssh_poweroff = $::foreman_proxy::params::bmc_ssh_poweroff,
+  String $bmc_ssh_poweron = $::foreman_proxy::params::bmc_ssh_poweron,
   Boolean $realm = $::foreman_proxy::params::realm,
   Foreman_proxy::ListenOn $realm_listen_on = $::foreman_proxy::params::realm_listen_on,
   String $realm_provider = $::foreman_proxy::params::realm_provider,

manifests/install.pp

@@ -1,25 +1,28 @@
 # Install the foreman proxy
 class foreman_proxy::install {
-  if ! $foreman_proxy::custom_repo {
+  if $foreman_proxy::repo {
     foreman::repos { 'foreman_proxy':
       repo     => $foreman_proxy::repo,
       gpgcheck => $foreman_proxy::gpgcheck,
+      before   => Package['foreman-proxy'],
     }
   }
 
-  $repo = $foreman_proxy::custom_repo ? {
-    true    => [],
-    default => Foreman::Repos['foreman_proxy'],
+  package {'foreman-proxy':
+    ensure => $foreman_proxy::version,
   }
 
-  package {'foreman-proxy':
-    ensure  => $foreman_proxy::version,
-    require => $repo,
+  if $foreman_proxy::log == 'JOURNALD' {
+    package { 'foreman-proxy-journald':
+      ensure => installed,
+    }
   }
 
   if $foreman_proxy::register_in_foreman {
     contain foreman::providers
-    $repo -> Class['foreman::providers']
+    if $foreman_proxy::repo {
+      Foreman::Repos['foreman_proxy'] -> Class['foreman::providers']
+    }
   }
 
   if $foreman_proxy::bmc and $foreman_proxy::bmc_default_provider != 'shell' {