Fix ordering when checking insync
`is` is not guaranteed to be sorted so we need to sort it before comparing to `should.sort`
Add defaults for services and ports
Having to specify service/port, zone and ensure for each service or port is highly redundant and cumbersome. Make service and port default to the resource name, ensure default to present and allow setting a default target zone for services and ports via parameters to the firewalld class. For ports the default protocol can also be set through a firewalld class parameter. Incidentally change the port spec test which seems to be incorrect regarding parameter port accepting a hash.
Control CleanupOnExit, MinimalMark, Lockdown, IPv6_rpfilter
Define firewalld ipset options using properties:
- family
- hashsize
- maxelem
- timeout
This change is backward compatible with the definition of options using the `options` property.
Remove /32 as they get removed by ipset
/32 is stripped by ipset when the rule is created.
Improve logging of the ipset member changes
When you have a long list of ips in a set, it is easier to only show what actually changed (removal and addition).
Use instances & prefetch to define ipset state
We parse actual ipset rules to define existing resource. We avoid declaration of getter.
In a service definition, the port is optional
We can now declare service as a protocol without port
Add description and short option for zone
Give more details about a zone
Add new firewalld_ipset option: manage_entries
Sometimes firewalld ipset entries are modified by another process than puppet. If you want to declare the ipset with puppet but not manage the entries, we add the `manage_entries` option. Obviously, by default entries are managed by puppet. We throw an error if you try to define ipset entries with puppet and don't want to manage entries (`manage_entries = false`)
Merge pull request #1 from jfroche/feature/manage-ipset-entries-option
Add new firewalld_ipset option: manage_entries
manage_entries should be a parameter
From documentation: Parameters change how Puppet manages a resource, but do not necessarily map directly to something measurable.
Add option to remove unknown ipsets
This option is useful if you want to control ipsets only with puppet.
Merge pull request #2 from jfroche/feature/purge-unknown-ipset
Add option to remove unknown ipsets
Add validation for rich rule action
It can be a string or a hash. We validate string content and hash content. +tests
Do not check if ipset exists again
If ipset is created with `instances` and `prefetch`, there is no need to verify if the set exists using firewall-cmd.
Merge pull request #5 from jfroche/enhancement/ipset-exists-speedup
Do not check if ipset exists again
Latest version (2.6.11) has a compatibility problem with 4.0
Verify if firewalld is online before self.execute_firewall_cmd
self.instances method on the provider class did not verify if firewalld had a correct state before issuing `firewall-cmd` commands. This was a problem as we were trying to collect ipset information without checking if firewalld was ready. So we move the `available?` implementation to the class method to be able to verify the current firewalld state.
Merge pull request #6 from jfroche/bug/ipset-check-firewalld-enabled
Verify if firewalld is online before self.execute_firewall_cmd
Merge pull request #179 from jfroche/bug/fix-puppet40-tests
Pin old rspec-puppet
Merge pull request #166 from markeganfuller/fix_ordering
Fix ordering when checking insync
Merge pull request #167 from michaelweiser/defaults
Add defaults for services and ports
Merge pull request #168 from jfroche/add-firewalld-config-options
Add firewalld config options
Merge pull request #169 from jfroche/add-service-description-short
Add description and short option for firewalld zone
Merge pull request #171 from jfroche/feature/optional_port
In a service definition, the port is optional
Merge pull request #172 from jfroche/enhancement/remove_validate
Use types and remove validate
Merge pull request #173 from jfroche/feature/enable-dash-in-ipset-name
Ipset name can have dash
Merge pull request #174 from jfroche/enhancement/validate-rich-rule-action
Add validation for rich rule action
Merge pull request #184 from crayfishx/remove_puppet_43
Removed puppet < 4.3 support
Update README.md custom_service example
Fixing syntax in firewalld::custom_service example
Update metadata.json to allow stdlib 6.x
Co-Authored-By: Alexander Fisher <alex@linfratech.co.uk>
Merge pull request #192 from djschaap/stdlib
Allow `puppetlabs-stdlib` 6
Fixing syntax issue with puppet server 5.3
Probably some issue with jruby parser.
Using more simple syntax fixed the issue
Error: Could not retrieve catalog from remote server: Error 500 on
SERVER: Server Error: Evaluation Error: Error while evaluating a
Resource Statement, Could not autoload puppet/type/firewalld_zone: Could
not autoload puppet/type/firewalld_rich_rule:
/etc/puppetlabs/code/environments/firewalld/modules/firewalld/lib/puppet_x/firewalld/property/rich_rule_action.rb:10:
unknown type of %string
if value.keys.sort != %i[action type]
^
(file: /etc/puppetlabs/code/environments/firewalld/modules/firewalld/manifests/init.pp, line: 117, column: 7) on node test.example.com
Warning: Not using cache on failed catalog
Error: Could not retrieve catalog; skipping run
Make firewall_cmd.rb ruby 1.9 compatible
Puppetserver 5 still uses jruby 1.7 by default. This is compatible with ruby 1.9 only. The `**` splat operator came out in ruby 2.0. https://www.freecodecamp.org/news/rubys-splat-and-double-splat-operators-ceb753329a78/ I've replaced its use with `merge`. Ruby 2.0 also introduced `%i[ ]` as an array of symbols. https://ruby-doc.org/core-2.5.1/doc/syntax/literals_rdoc.html
Drop puppet 4 support and allow puppet 6
Also update metadata.json for migration to Vox Pupuli. See https://voxpupuli.org/blog/2019/01/03/dropping-puppet4