diff --git a/.fixtures.yml b/.fixtures.yml index 6303d2c..ce30541 100644 --- a/.fixtures.yml +++ b/.fixtures.yml @@ -1,11 +1,8 @@ --- fixtures: - repositories: - "concat": - repo: "https://github.com/puppetlabs/puppetlabs-concat.git" - "stdlib": - repo: "https://github.com/puppetlabs/puppetlabs-stdlib.git" - "cron_core": - repo: 'https://github.com/puppetlabs/puppetlabs-cron_core' + forge_modules: + concat: puppetlabs/concat + stdlib: puppetlabs/stdlib + cron_core: puppetlabs/cron_core symlinks: - "borgbackup": "#{source_dir}" + "borgbackup": "#{source_dir}" diff --git a/.github/FUNDING.yml b/.github/FUNDING.yml new file mode 100644 index 0000000..37a7699 --- /dev/null +++ b/.github/FUNDING.yml @@ -0,0 +1,2 @@ +github: [cirrax] +custom: ["https://cirrax.com"] diff --git a/.github/workflows/pdk.yml b/.github/workflows/pdk.yml new file mode 100644 index 0000000..4012fa3 --- /dev/null +++ b/.github/workflows/pdk.yml @@ -0,0 +1,37 @@ +name: PDK + +on: + - 'push' + - 'pull_request' + +jobs: + validate: + runs-on: ubuntu-latest + container: puppet/pdk:latest + outputs: + puppet_unit_test_matrix: ${{ steps.get-outputs.outputs.puppet_unit_test_matrix }} + github_action_test_matrix: ${{ steps.get-outputs.outputs.github_action_test_matrix }} + steps: + - name: Install build-essential + run: | + export DEBIAN_FRONTEND=noninteractive; + apt-get --yes update + apt-get --yes install build-essential + - name: Check out repository code + uses: actions/checkout@v3 + - name: run pdk validate + run: pdk validate + + unit-test: + runs-on: ubuntu-latest + container: puppet/pdk:latest + steps: + - name: Install build-essential + run: | + export DEBIAN_FRONTEND=noninteractive; + apt-get --yes update + apt-get --yes install build-essential + - name: Check out repository code + uses: actions/checkout@v3 + - name: run pdk test unit + run: pdk test unit diff --git a/.gitignore b/.gitignore index 988dcbb..2803e56 100644 --- a/.gitignore +++ b/.gitignore @@ -16,9 +16,10 @@ /log/ /pkg/ /spec/fixtures/manifests/ -/spec/fixtures/modules/ +/spec/fixtures/modules/* /tmp/ /vendor/ +/.vendor/ /convert_report.txt /update_report.txt .DS_Store @@ -26,3 +27,9 @@ .envrc /inventory.yaml /spec/fixtures/litmus_inventory.yaml +.resource_types +.modules +.task_cache.json +.plan_cache.json +.rerun.json +bolt-debug.log diff --git a/.pdkignore b/.pdkignore index c538bea..84684be 100644 --- a/.pdkignore +++ b/.pdkignore @@ -16,9 +16,10 @@ /log/ /pkg/ /spec/fixtures/manifests/ -/spec/fixtures/modules/ +/spec/fixtures/modules/* /tmp/ /vendor/ +/.vendor/ /convert_report.txt /update_report.txt .DS_Store @@ -26,20 +27,23 @@ .envrc /inventory.yaml /spec/fixtures/litmus_inventory.yaml -/appveyor.yml -/.editorconfig +.resource_types +.modules +.task_cache.json +.plan_cache.json +.rerun.json +bolt-debug.log /.fixtures.yml /Gemfile /.gitattributes +/.github/ /.gitignore -/.gitlab-ci.yml /.pdkignore /.puppet-lint.rc /Rakefile /rakelib/ /.rspec -/.rubocop.yml -/.travis.yml +/..yml /.yardopts /spec/ /.vscode/ diff --git a/.puppet-lint.rc b/.puppet-lint.rc index cc96ece..9e15c6e 100644 --- a/.puppet-lint.rc +++ b/.puppet-lint.rc @@ -1 +1,9 @@ +--fail-on-warnings --relative +--no-80chars-check +--no-140chars-check +--no-class_inherits_from_params_class-check +--no-autoloader_layout-check +--no-documentation-check +--no-single_quote_string_with_variables-check +--ignore-paths=.vendor/**/*.pp,.bundle/**/*.pp,pkg/**/*.pp,spec/**/*.pp,tests/**/*.pp,types/**/*.pp,vendor/**/*.pp diff --git a/.rubocop.yml b/.rubocop.yml index 8f782e7..21b82b9 100644 --- a/.rubocop.yml +++ b/.rubocop.yml @@ -3,8 +3,9 @@ require: - rubocop-performance - rubocop-rspec AllCops: + NewCops: enable DisplayCopNames: true - TargetRubyVersion: '2.4' + TargetRubyVersion: '2.6' Include: - "**/*.rb" Exclude: @@ -111,8 +112,14 @@ Style/MethodCalledOnDoEndBlock: Enabled: true Style/StringMethods: Enabled: true +Bundler/GemFilename: + Enabled: false Bundler/InsecureProtocolSource: Enabled: false +Capybara/CurrentPathExpectation: + Enabled: false +Capybara/VisibilityMatcher: + Enabled: false Gemspec/DuplicatedAssignment: Enabled: false Gemspec/OrderedDependencies: @@ -287,11 +294,9 @@ Performance/UriDefaultParser: Enabled: false RSpec/Be: Enabled: false -RSpec/Capybara/CurrentPathExpectation: - Enabled: false RSpec/Capybara/FeatureMethods: Enabled: false -RSpec/Capybara/VisibilityMatcher: +RSpec/ContainExactly: Enabled: false RSpec/ContextMethod: Enabled: false @@ -331,6 +336,8 @@ RSpec/LeakyConstantDeclaration: Enabled: false RSpec/LetBeforeExamples: Enabled: false +RSpec/MatchArray: + Enabled: false RSpec/MissingExampleGroupArgument: Enabled: false RSpec/MultipleExpectations: @@ -373,8 +380,6 @@ Style/AccessModifierDeclarations: Enabled: false Style/AccessorGrouping: Enabled: false -Style/AsciiComments: - Enabled: false Style/BisectedAttrAccessor: Enabled: false Style/CaseLikeIf: @@ -485,35 +490,241 @@ Style/TrailingMethodEndStatement: Enabled: false Style/UnpackFirst: Enabled: false +Capybara/MatchStyle: + Enabled: false +Capybara/NegationMatcher: + Enabled: false +Capybara/SpecificActions: + Enabled: false +Capybara/SpecificFinders: + Enabled: false +Capybara/SpecificMatcher: + Enabled: false +Gemspec/DeprecatedAttributeAssignment: + Enabled: false +Gemspec/DevelopmentDependencies: + Enabled: false +Gemspec/RequireMFA: + Enabled: false +Layout/LineContinuationLeadingSpace: + Enabled: false +Layout/LineContinuationSpacing: + Enabled: false +Layout/LineEndStringConcatenationIndentation: + Enabled: false +Layout/SpaceBeforeBrackets: + Enabled: false +Lint/AmbiguousAssignment: + Enabled: false +Lint/AmbiguousOperatorPrecedence: + Enabled: false +Lint/AmbiguousRange: + Enabled: false +Lint/ConstantOverwrittenInRescue: + Enabled: false +Lint/DeprecatedConstants: + Enabled: false Lint/DuplicateBranch: Enabled: false +Lint/DuplicateMagicComment: + Enabled: false +Lint/DuplicateMatchPattern: + Enabled: false Lint/DuplicateRegexpCharacterClassElement: Enabled: false Lint/EmptyBlock: Enabled: false Lint/EmptyClass: Enabled: false +Lint/EmptyInPattern: + Enabled: false +Lint/IncompatibleIoSelectWithFiberScheduler: + Enabled: false +Lint/LambdaWithoutLiteralBlock: + Enabled: false Lint/NoReturnInBeginEndBlocks: Enabled: false +Lint/NonAtomicFileOperation: + Enabled: false +Lint/NumberedParameterAssignment: + Enabled: false +Lint/OrAssignmentToConstant: + Enabled: false +Lint/RedundantDirGlobSort: + Enabled: false +Lint/RefinementImportMethods: + Enabled: false +Lint/RequireRangeParentheses: + Enabled: false +Lint/RequireRelativeSelfPath: + Enabled: false +Lint/SymbolConversion: + Enabled: false Lint/ToEnumArguments: Enabled: false +Lint/TripleQuotes: + Enabled: false Lint/UnexpectedBlockArity: Enabled: false Lint/UnmodifiedReduceAccumulator: Enabled: false +Lint/UselessRescue: + Enabled: false +Lint/UselessRuby2Keywords: + Enabled: false +Metrics/CollectionLiteralLength: + Enabled: false +Naming/BlockForwarding: + Enabled: false Performance/CollectionLiteralInLoop: Enabled: false +Performance/ConcurrentMonotonicTime: + Enabled: false +Performance/MapCompact: + Enabled: false +Performance/RedundantEqualityComparisonBlock: + Enabled: false +Performance/RedundantSplitRegexpArgument: + Enabled: false +Performance/StringIdentifierArgument: + Enabled: false +RSpec/BeEq: + Enabled: false +RSpec/BeNil: + Enabled: false +RSpec/ChangeByZero: + Enabled: false +RSpec/ClassCheck: + Enabled: false +RSpec/DuplicatedMetadata: + Enabled: false +RSpec/ExcessiveDocstringSpacing: + Enabled: false +RSpec/FactoryBot/ConsistentParenthesesStyle: + Enabled: false +RSpec/FactoryBot/FactoryNameStyle: + Enabled: false +RSpec/FactoryBot/SyntaxMethods: + Enabled: false +RSpec/IdenticalEqualityAssertion: + Enabled: false +RSpec/NoExpectationExample: + Enabled: false +RSpec/PendingWithoutReason: + Enabled: false +RSpec/Rails/AvoidSetupHook: + Enabled: false +RSpec/Rails/HaveHttpStatus: + Enabled: false +RSpec/Rails/InferredSpecType: + Enabled: false +RSpec/Rails/MinitestAssertions: + Enabled: false +RSpec/Rails/TravelAround: + Enabled: false +RSpec/RedundantAround: + Enabled: false +RSpec/SkipBlockInsideExample: + Enabled: false +RSpec/SortMetadata: + Enabled: false +RSpec/SubjectDeclaration: + Enabled: false +RSpec/VerifiedDoubleReference: + Enabled: false +Security/CompoundHash: + Enabled: false +Security/IoMethods: + Enabled: false Style/ArgumentsForwarding: Enabled: false +Style/ArrayIntersect: + Enabled: false Style/CollectionCompact: Enabled: false +Style/ComparableClamp: + Enabled: false +Style/ConcatArrayLiterals: + Enabled: false +Style/DataInheritance: + Enabled: false +Style/DirEmpty: + Enabled: false Style/DocumentDynamicEvalDefinition: Enabled: false +Style/EmptyHeredoc: + Enabled: false +Style/EndlessMethod: + Enabled: false +Style/EnvHome: + Enabled: false +Style/FetchEnvVar: + Enabled: false +Style/FileEmpty: + Enabled: false +Style/FileRead: + Enabled: false +Style/FileWrite: + Enabled: false +Style/HashConversion: + Enabled: false +Style/HashExcept: + Enabled: false +Style/IfWithBooleanLiteralBranches: + Enabled: false +Style/InPatternThen: + Enabled: false +Style/MagicCommentFormat: + Enabled: false +Style/MapCompactWithConditionalBlock: + Enabled: false +Style/MapToHash: + Enabled: false +Style/MapToSet: + Enabled: false +Style/MinMaxComparison: + Enabled: false +Style/MultilineInPatternThen: + Enabled: false Style/NegatedIfElseCondition: Enabled: false +Style/NestedFileDirname: + Enabled: false Style/NilLambda: Enabled: false +Style/NumberedParameters: + Enabled: false +Style/NumberedParametersLimit: + Enabled: false +Style/ObjectThen: + Enabled: false +Style/OpenStructUse: + Enabled: false +Style/OperatorMethodCall: + Enabled: false +Style/QuotedSymbols: + Enabled: false Style/RedundantArgument: Enabled: false +Style/RedundantConstantBase: + Enabled: false +Style/RedundantDoubleSplatHashBraces: + Enabled: false +Style/RedundantEach: + Enabled: false +Style/RedundantHeredocDelimiterQuotes: + Enabled: false +Style/RedundantInitialize: + Enabled: false +Style/RedundantLineContinuation: + Enabled: false +Style/RedundantSelfAssignmentBranch: + Enabled: false +Style/RedundantStringEscape: + Enabled: false +Style/SelectByRegexp: + Enabled: false +Style/StringChars: + Enabled: false Style/SwapValues: Enabled: false diff --git a/.vscode/extensions.json b/.vscode/extensions.json index 2f1e4f7..6da8d47 100644 --- a/.vscode/extensions.json +++ b/.vscode/extensions.json @@ -1,6 +1,6 @@ { "recommendations": [ "puppet.puppet-vscode", - "rebornix.Ruby" + "Shopify.ruby-lsp" ] } diff --git a/Gemfile b/Gemfile index a167b88..f84ea87 100644 --- a/Gemfile +++ b/Gemfile @@ -13,21 +13,38 @@ def location_for(place_or_version, fake_version = nil) end end -ruby_version_segments = Gem::Version.new(RUBY_VERSION.dup).segments -minor_version = ruby_version_segments[0..1].join('.') - group :development do - gem "json", '= 2.0.4', require: false if Gem::Requirement.create('~> 2.4.2').satisfied_by?(Gem::Version.new(RUBY_VERSION.dup)) - gem "json", '= 2.1.0', require: false if Gem::Requirement.create(['>= 2.5.0', '< 2.7.0']).satisfied_by?(Gem::Version.new(RUBY_VERSION.dup)) - gem "json", '= 2.3.0', require: false if Gem::Requirement.create(['>= 2.7.0', '< 2.8.0']).satisfied_by?(Gem::Version.new(RUBY_VERSION.dup)) - gem "puppet-module-posix-default-r#{minor_version}", '~> 1.0', require: false, platforms: [:ruby] - gem "puppet-module-posix-dev-r#{minor_version}", '~> 1.0', require: false, platforms: [:ruby] - gem "puppet-module-win-default-r#{minor_version}", '~> 1.0', require: false, platforms: [:mswin, :mingw, :x64_mingw] - gem "puppet-module-win-dev-r#{minor_version}", '~> 1.0', require: false, platforms: [:mswin, :mingw, :x64_mingw] + gem "json", '= 2.1.0', require: false if Gem::Requirement.create(['>= 2.5.0', '< 2.7.0']).satisfied_by?(Gem::Version.new(RUBY_VERSION.dup)) + gem "json", '= 2.3.0', require: false if Gem::Requirement.create(['>= 2.7.0', '< 3.0.0']).satisfied_by?(Gem::Version.new(RUBY_VERSION.dup)) + gem "json", '= 2.5.1', require: false if Gem::Requirement.create(['>= 3.0.0', '< 3.0.5']).satisfied_by?(Gem::Version.new(RUBY_VERSION.dup)) + gem "json", '= 2.6.1', require: false if Gem::Requirement.create(['>= 3.1.0', '< 3.1.3']).satisfied_by?(Gem::Version.new(RUBY_VERSION.dup)) + gem "json", '= 2.6.3', require: false if Gem::Requirement.create(['>= 3.2.0', '< 4.0.0']).satisfied_by?(Gem::Version.new(RUBY_VERSION.dup)) + gem "racc", '~> 1.4.0', require: false if Gem::Requirement.create(['>= 2.7.0', '< 3.0.0']).satisfied_by?(Gem::Version.new(RUBY_VERSION.dup)) + gem "deep_merge", '~> 1.2.2', require: false + gem "voxpupuli-puppet-lint-plugins", '~> 5.0', require: false + gem "facterdb", '~> 2.1', require: false + gem "metadata-json-lint", '~> 4.0', require: false + gem "rspec-puppet-facts", '~> 4.0', require: false + gem "dependency_checker", '~> 1.0.0', require: false + gem "parallel_tests", '= 3.12.1', require: false + gem "pry", '~> 0.10', require: false + gem "simplecov-console", '~> 0.9', require: false + gem "puppet-debugger", '~> 1.0', require: false + gem "rubocop", '~> 1.50.0', require: false + gem "rubocop-performance", '= 1.16.0', require: false + gem "rubocop-rspec", '= 2.19.0', require: false + gem "rb-readline", '= 0.5.5', require: false, platforms: [:mswin, :mingw, :x64_mingw] + gem "rexml", '>= 3.0.0', '< 3.2.7', require: false +end +group :development, :release_prep do + gem "puppet-strings", '~> 4.0', require: false + gem "puppetlabs_spec_helper", '~> 8.0', require: false + gem "puppet-blacksmith", '~> 7.0', require: false end group :system_tests do - gem "puppet-module-posix-system-r#{minor_version}", '~> 1.0', require: false, platforms: [:ruby] - gem "puppet-module-win-system-r#{minor_version}", '~> 1.0', require: false, platforms: [:mswin, :mingw, :x64_mingw] + gem "puppet_litmus", '~> 1.0', require: false, platforms: [:ruby, :x64_mingw] + gem "CFPropertyList", '< 3.0.7', require: false, platforms: [:mswin, :mingw, :x64_mingw] + gem "serverspec", '~> 2.41', require: false end puppet_version = ENV['PUPPET_GEM_VERSION'] diff --git a/Rakefile b/Rakefile index 0f8754e..31b5930 100644 --- a/Rakefile +++ b/Rakefile @@ -1,89 +1,18 @@ # frozen_string_literal: true require 'bundler' -require 'puppet_litmus/rake_tasks' if Bundler.rubygems.find_name('puppet_litmus').any? +require 'puppet_litmus/rake_tasks' if Gem.loaded_specs.key? 'puppet_litmus' require 'puppetlabs_spec_helper/rake_tasks' require 'puppet-syntax/tasks/puppet-syntax' -require 'puppet_blacksmith/rake_tasks' if Bundler.rubygems.find_name('puppet-blacksmith').any? -require 'github_changelog_generator/task' if Bundler.rubygems.find_name('github_changelog_generator').any? -require 'puppet-strings/tasks' if Bundler.rubygems.find_name('puppet-strings').any? - -def changelog_user - return unless Rake.application.top_level_tasks.include? "changelog" - returnVal = nil || JSON.load(File.read('metadata.json'))['author'] - raise "unable to find the changelog_user in .sync.yml, or the author in metadata.json" if returnVal.nil? - puts "GitHubChangelogGenerator user:#{returnVal}" - returnVal -end - -def changelog_project - return unless Rake.application.top_level_tasks.include? "changelog" - - returnVal = nil - returnVal ||= begin - metadata_source = JSON.load(File.read('metadata.json'))['source'] - metadata_source_match = metadata_source && metadata_source.match(%r{.*\/([^\/]*?)(?:\.git)?\Z}) - - metadata_source_match && metadata_source_match[1] - end - - raise "unable to find the changelog_project in .sync.yml or calculate it from the source in metadata.json" if returnVal.nil? - - puts "GitHubChangelogGenerator project:#{returnVal}" - returnVal -end - -def changelog_future_release - return unless Rake.application.top_level_tasks.include? "changelog" - returnVal = "v%s" % JSON.load(File.read('metadata.json'))['version'] - raise "unable to find the future_release (version) in metadata.json" if returnVal.nil? - puts "GitHubChangelogGenerator future_release:#{returnVal}" - returnVal -end +require 'puppet-strings/tasks' if Gem.loaded_specs.key? 'puppet-strings' PuppetLint.configuration.send('disable_relative') - - -if Bundler.rubygems.find_name('github_changelog_generator').any? - GitHubChangelogGenerator::RakeTask.new :changelog do |config| - raise "Set CHANGELOG_GITHUB_TOKEN environment variable eg 'export CHANGELOG_GITHUB_TOKEN=valid_token_here'" if Rake.application.top_level_tasks.include? "changelog" and ENV['CHANGELOG_GITHUB_TOKEN'].nil? - config.user = "#{changelog_user}" - config.project = "#{changelog_project}" - config.future_release = "#{changelog_future_release}" - config.exclude_labels = ['maintenance'] - config.header = "# Change log\n\nAll notable changes to this project will be documented in this file. The format is based on [Keep a Changelog](http://keepachangelog.com/en/1.0.0/) and this project adheres to [Semantic Versioning](http://semver.org)." - config.add_pr_wo_labels = true - config.issues = false - config.merge_prefix = "### UNCATEGORIZED PRS; LABEL THEM ON GITHUB" - config.configure_sections = { - "Changed" => { - "prefix" => "### Changed", - "labels" => ["backwards-incompatible"], - }, - "Added" => { - "prefix" => "### Added", - "labels" => ["enhancement", "feature"], - }, - "Fixed" => { - "prefix" => "### Fixed", - "labels" => ["bug", "documentation", "bugfix"], - }, - } - end -else - desc 'Generate a Changelog from GitHub' - task :changelog do - raise < 1.15' - condition: "Gem::Version.new(RUBY_VERSION.dup) >= Gem::Version.new('2.3.0')" -EOM - end -end +PuppetLint.configuration.send('disable_80chars') +PuppetLint.configuration.send('disable_140chars') +PuppetLint.configuration.send('disable_class_inherits_from_params_class') +PuppetLint.configuration.send('disable_autoloader_layout') +PuppetLint.configuration.send('disable_documentation') +PuppetLint.configuration.send('disable_single_quote_string_with_variables') +PuppetLint.configuration.fail_on_warnings = true +PuppetLint.configuration.ignore_paths = [".vendor/**/*.pp", ".bundle/**/*.pp", "pkg/**/*.pp", "spec/**/*.pp", "tests/**/*.pp", "types/**/*.pp", "vendor/**/*.pp"] diff --git a/manifests/addtogit.pp b/manifests/addtogit.pp index 3bb7aee..7a68188 100644 --- a/manifests/addtogit.pp +++ b/manifests/addtogit.pp @@ -9,8 +9,7 @@ String $passphrase, String $reponame, ) { - - include ::borgbackup::git + include borgbackup::git $gpg_home = $borgbackup::git::gpg_home $git_home = $borgbackup::git::git_home @@ -18,30 +17,29 @@ $keys=join( [ - "--recipient 'borg ${::fqdn}' --recipient ", + "--recipient 'borg ${facts['networking']['fqdn']}' --recipient ", $borgbackup::git::gpg_keys.keys().join(' --recipient '), ],'' ) # set exec defaults Exec { - environment => [ "GNUPGHOME=${gpg_home}" ], + environment => ["GNUPGHOME=${gpg_home}"], path => '/usr/bin:/usr/sbin:/bin', notify => Exec['commit git repo'], } - if $passphrase == 'random' { # just create the file if it does non exist, or we cannot decrypt it exec { "create passphrase file ${title}": # lint:ignore:140chars - command => "cat /dev/random |tr -dc _A-Z-a-z-0-9 | head -c30 | gpg --encrypt --always-trust ${keys} > ${git_home}/${::fqdn}/${reponame}_pass.gpg", + command => "cat /dev/random |tr -dc _A-Z-a-z-0-9 | head -c30 | gpg --encrypt --always-trust ${keys} > ${git_home}/${facts['networking']['fqdn']}/${reponame}_pass.gpg", # lint:endignore - require => [Exec["create gpg private key for ${::fqdn}"], File["${git_home}/${::fqdn}"]], + require => [Exec["create gpg private key for ${facts['networking']['fqdn']}"], File["${git_home}/${facts['networking']['fqdn']}"]], before => Exec["initialize borg repo ${reponame}"], unless => [ # we cannot decrypt the file (so it's probably the same host, newly setup, or file does not exist - "gpg --decrypt -v --output /dev/null ${git_home}/${::fqdn}/${reponame}_pass.gpg", + "gpg --decrypt -v --output /dev/null ${git_home}/${facts['networking']['fqdn']}/${reponame}_pass.gpg", ], } } else { @@ -49,12 +47,12 @@ $md5_passphrase = md5("${passphrase}\n") exec { "create passphrase file ${title}": - command => "echo ${passphrase} | gpg --encrypt --always-trust ${keys} > ${git_home}/${::fqdn}/${reponame}_pass.gpg", - require => [Exec["create gpg private key for ${::fqdn}"], File["${git_home}/${::fqdn}"]], + command => "echo ${passphrase} | gpg --encrypt --always-trust ${keys} > ${git_home}/${facts['networking']['fqdn']}/${reponame}_pass.gpg", + require => [Exec["create gpg private key for ${facts['networking']['fqdn']}"], File["${git_home}/${facts['networking']['fqdn']}"]], before => Exec["initialize borg repo ${reponame}"], unless => [ # check if file contains passphrase - "gpg -q --decrypt ${git_home}/${::fqdn}/${reponame}_pass.gpg |md5sum| grep -e '^${md5_passphrase}'", + "gpg -q --decrypt ${git_home}/${facts['networking']['fqdn']}/${reponame}_pass.gpg |md5sum| grep -e '^${md5_passphrase}'", ], } } # end if $passphrase == 'random' @@ -66,32 +64,31 @@ # lint:ignore:140chars exec { "reencrypt passphrase file ${title}": - command => "gpg --decrypt ${git_home}/${::fqdn}/${reponame}_pass.gpg | gpg --encrypt --always-trust ${keys} > ${git_home}/${::fqdn}/${reponame}_pass.gpg", + command => "gpg --decrypt ${git_home}/${facts['networking']['fqdn']}/${reponame}_pass.gpg | gpg --encrypt --always-trust ${keys} > ${git_home}/${facts['networking']['fqdn']}/${reponame}_pass.gpg", require => Exec["create passphrase file ${title}"], unless => [ # check if file is encrypted with correct keys - "gpg --decrypt -v --output /dev/null ${git_home}/${::fqdn}/${reponame}_pass.gpg 2>&1 |sed -n 's/^ .*<\\(.*\\)>\"$/\\L\\1/p'|sort|md5sum|grep -e '^${md5_keys}'", + "gpg --decrypt -v --output /dev/null ${git_home}/${facts['networking']['fqdn']}/${reponame}_pass.gpg 2>&1 |sed -n 's/^ .*<\\(.*\\)>\"$/\\L\\1/p'|sort|md5sum|grep -e '^${md5_keys}'", ], } exec { "create key file ${title}": - command => "${configdir}/repo_${reponame}.sh exportkey | gpg --encrypt --always-trust ${keys} > ${git_home}/${::fqdn}/${reponame}_keyfile.gpg", - require => [Exec["initialize borg repo ${reponame}", "create gpg private key for ${::fqdn}"], File["${git_home}/${::fqdn}"]], + command => "${configdir}/repo_${reponame}.sh exportkey | gpg --encrypt --always-trust ${keys} > ${git_home}/${facts['networking']['fqdn']}/${reponame}_keyfile.gpg", + require => [Exec["initialize borg repo ${reponame}", "create gpg private key for ${facts['networking']['fqdn']}"], File["${git_home}/${facts['networking']['fqdn']}"]], provider => 'shell', unless => [ # check if file contains key - "A=`${configdir}/repo_${reponame}.sh exportkey|md5sum`; gpg --decrypt --output - ${git_home}/${::fqdn}/${reponame}_keyfile.gpg |md5sum|grep \$A", + "A=`${configdir}/repo_${reponame}.sh exportkey|md5sum`; gpg --decrypt --output - ${git_home}/${facts['networking']['fqdn']}/${reponame}_keyfile.gpg |md5sum|grep \$A", ], } exec { "reencrypt key file ${title}": - command => "gpg --decrypt ${git_home}/${::fqdn}/${reponame}_keyfile.gpg | gpg --encrypt --always-trust ${keys} > ${git_home}/${::fqdn}/${reponame}_keyfile.gpg", - require => [Exec["initialize borg repo ${reponame}", "create gpg private key for ${::fqdn}","create key file ${title}"], File["${git_home}/${::fqdn}"]], + command => "gpg --decrypt ${git_home}/${facts['networking']['fqdn']}/${reponame}_keyfile.gpg | gpg --encrypt --always-trust ${keys} > ${git_home}/${facts['networking']['fqdn']}/${reponame}_keyfile.gpg", + require => [Exec["initialize borg repo ${reponame}", "create gpg private key for ${facts['networking']['fqdn']}","create key file ${title}"], File["${git_home}/${facts['networking']['fqdn']}"]], unless => [ # check if file is encrypted with correct keys - "gpg --decrypt -v --output /dev/null ${git_home}/${::fqdn}/${reponame}_pass.gpg 2>&1 |sed -n 's/^ .*<\\(.*\\)>\"$/\\L\\1/p'|sort|md5sum|grep -e '^${md5_keys}'", + "gpg --decrypt -v --output /dev/null ${git_home}/${facts['networking']['fqdn']}/${reponame}_pass.gpg 2>&1 |sed -n 's/^ .*<\\(.*\\)>\"$/\\L\\1/p'|sort|md5sum|grep -e '^${md5_keys}'", ], } # lint:endignore } - diff --git a/manifests/archive.pp b/manifests/archive.pp index 755b7c6..2242b39 100644 --- a/manifests/archive.pp +++ b/manifests/archive.pp @@ -36,7 +36,7 @@ # needs to be [] if stdin_cmd is used. # @param stdin_cmd # command which is executed, stdout is used as -# input to backup. defaults to '' +# input to backup. defaults to undef # do not use together with $create_excludes and $create_includes # @param do_prune # if true, prune will be run after the create command. @@ -47,12 +47,10 @@ # Defaults to ['list', 'show-rc'] # @param keep_last # number of last archives to keep -# Set to '' if this option should not be added -# Defaults to '' +# Defaults to undef # @param keep_hourly # number of hourly archives to keep -# Set to '' if this option should not be added -# Defaults to '' +# Defaults to undef # @param keep_daily # number of daily archives to keep # Set to '' if this option should not be added @@ -67,46 +65,44 @@ # Defaults to 6 # @param keep_yearly # number of yearly archives to keep -# Set to '' if this option should not be added -# Defaults to '' +# Defaults to undef (no yearly is kept) # define borgbackup::archive ( - String $reponame = $::fqdn, - String $archive_name = $title, - Array $pre_commands = [], - Array $post_commands = [], - String $create_compression = 'lz4', - String $create_filter = 'AME', - Array $create_options = ['verbose', 'list', 'stats', 'show-rc', 'exclude-caches'], - Array $create_excludes = [], - Array $create_includes = [], - String $stdin_cmd = '', - Boolean $do_prune = true, - Array $prune_options = ['list', 'show-rc'], - Variant[String, Integer] $keep_last = '', - Variant[String, Integer] $keep_hourly = '', - Variant[String, Integer] $keep_daily = 7, - Variant[String, Integer] $keep_weekly = 4, - Variant[String, Integer] $keep_monthly = 6, - Variant[String, Integer] $keep_yearly = '', -){ - - if ($stdin_cmd != '' and $create_includes != []) or ($stdin_cmd != '' and $create_excludes != []) { + String $reponame = $facts['networking']['fqdn'], + String $archive_name = $title, + Array $pre_commands = [], + Array $post_commands = [], + String $create_compression = 'lz4', + String $create_filter = 'AME', + Array $create_options = ['verbose', 'list', 'stats', 'show-rc', 'exclude-caches'], + Array $create_excludes = [], + Array $create_includes = [], + Optional[String[1]] $stdin_cmd = undef, + Boolean $do_prune = true, + Array $prune_options = ['list', 'show-rc'], + Optional[Variant[String[1], Integer]] $keep_last = undef, + Optional[Variant[String[1], Integer]] $keep_hourly = undef, + Variant[String, Integer] $keep_daily = 7, + Variant[String, Integer] $keep_weekly = 4, + Variant[String, Integer] $keep_monthly = 6, + Optional[Variant[String[1], Integer]] $keep_yearly = undef, +) { + if ( ! $stdin_cmd and $create_includes != []) or ( ! $stdin_cmd and $create_excludes != []) { fail('borgbackup::archive $stdin_cmd cannot be used together with $create_includes or $create_exclude') } - include ::borgbackup + include borgbackup - $configdir = $::borgbackup::configdir + $configdir = $borgbackup::configdir - concat::fragment{ "borgbackup::archive ${reponame} create ${archive_name}": + concat::fragment { "borgbackup::archive ${reponame} create ${archive_name}": target => "${configdir}/repo_${reponame}.sh", content => template('borgbackup/archive_create.erb'), order => "20-${title}", } if $do_prune { - concat::fragment{ "borgbackup::archive ${reponame} prune ${archive_name}": + concat::fragment { "borgbackup::archive ${reponame} prune ${archive_name}": target => "${configdir}/repo_${reponame}.sh", content => template('borgbackup/archive_prune.erb'), order => "70-${title}", diff --git a/manifests/authorized_key.pp b/manifests/authorized_key.pp index 6af3379..a8d0c6b 100644 --- a/manifests/authorized_key.pp +++ b/manifests/authorized_key.pp @@ -51,19 +51,18 @@ # defaults to {} # define borgbackup::authorized_key ( - String $backuproot, - String $target, - String $command = 'borg serve', - String $reponame = $title, - Array $keys = [], - String $restrict_to_path = 'no', - String $restrict_to_repository = 'yes', - Boolean $append_only = false, - String $storage_quota = '', - Array $restricts = ['restrict'], - Hash $env_vars = {}, + String $backuproot, + String $target, + String $command = 'borg serve', + String $reponame = $title, + Array $keys = [], + String $restrict_to_path = 'no', + String $restrict_to_repository = 'yes', + Boolean $append_only = false, + Optional[String[1]] $storage_quota = undef, + Array $restricts = ['restrict'], + Hash $env_vars = {}, ) { - case $restrict_to_repository { 'yes': { $_restrict_to_repository = " --restrict-to-repository ${backuproot}/${reponame}" @@ -100,15 +99,15 @@ $_append_only = '' } - if $storage_quota == '' { - $_storage_quota = '' - } else { + if $storage_quota { $_storage_quota = " --storage-quota ${storage_quota}" + } else { + $_storage_quota = '' } $borg_cmd = "${command}${_restrict_to_path}${_restrict_to_repository}${_append_only}${_storage_quota}" - concat::fragment{ $title: + concat::fragment { $title: target => $target, content => template('borgbackup/authorized_key.erb'), order => $title, diff --git a/manifests/git.pp b/manifests/git.pp index 2f11cbe..9db340d 100644 --- a/manifests/git.pp +++ b/manifests/git.pp @@ -18,13 +18,13 @@ # if set to a remote url, an existing git repo will be cloned and # commits will be pushed there. This gives the oportunity to have # a separate place to store the access keys to the backups. -# defaults to '' which only creates a local git repo. +# defaults to undef which only creates a local git repo. # Remark: if you change this, you have localy adapt the # git repo (or delete it). # @param gitrepo_sshkey # ssh private key needed to access the gitrepo. -# defaults to '' -# if $gitrepo is set to '' this value is ignored. +# defaults to undef +# if $gitrepo is not set this value is ignored. # @param git_home # directory to clone or create the git repo for # keys and passphrases. @@ -34,16 +34,15 @@ # defaults to 'borgbackup ' # class borgbackup::git ( - Array $packages = ['git','gnupg'], - Hash $gpg_keys = {}, - String $gpg_home = "${borgbackup::configdir}/.gnupg", - String $gitrepo = '', - String $gitrepo_sshkey = '', - String $git_home = "${borgbackup::configdir}/git", - String $git_author = 'borgbackup ', # lint:ignore:single_quote_string_with_variables + Array $packages = ['git','gnupg'], + Hash $gpg_keys = {}, + String $gpg_home = "${borgbackup::configdir}/.gnupg", + Optional[String[1]] $gitrepo = undef, + Optional[String[1]] $gitrepo_sshkey = undef, + String $git_home = "${borgbackup::configdir}/git", + String $git_author = 'borgbackup ', # lint:ignore:single_quote_string_with_variables ) inherits borgbackup { - - Package[$packages] -> Exec["create gpg private key for ${::fqdn}"] + Package[$packages] -> Exec["create gpg private key for ${facts['networking']['fqdn']}"] Package[$packages] -> Exec['setup git repo'] ensure_packages($packages) @@ -59,21 +58,21 @@ mode => '0700', } - exec { "create gpg private key for ${::fqdn}": - environment => [ "GNUPGHOME=${gpg_home}" ], + exec { "create gpg private key for ${facts['networking']['fqdn']}": + environment => ["GNUPGHOME=${gpg_home}"], path => '/usr/bin:/usr/sbin:/bin', - command => "gpg --quick-generate-key --batch --passphrase '' 'borg ${::fqdn}'", - unless => "gpg --list-keys 'borg ${::fqdn}'", + command => "gpg --quick-generate-key --batch --passphrase '' 'borg ${facts['networking']['fqdn']}'", + unless => "gpg --list-keys 'borg ${facts['networking']['fqdn']}'", require => File[$gpg_home], } $gpg_keys.each | $name, $gpgkey | { exec { "add gpg key ${name}": - environment => [ "GNUPGHOME=${gpg_home}" ], + environment => ["GNUPGHOME=${gpg_home}"], path => '/usr/bin:/usr/sbin:/bin', command => "echo \"${gpgkey}\"| gpg --import", unless => "gpg --list-keys ${name}", - require => [ File[$gpg_home], Exec["create gpg private key for ${::fqdn}"] ], + require => [File[$gpg_home], Exec["create gpg private key for ${facts['networking']['fqdn']}"]], } } @@ -82,24 +81,17 @@ # setup git repo # - if $gitrepo == '' { - # since no repo url, create with git init - exec { 'setup git repo': - path => '/usr/bin:/usr/sbin:/bin', - command => "git init ${git_home}", - creates => $git_home, - } - } else { + if $gitrepo { # we have a gitrepo url, lets clone file { "${borgbackup::configdir}/.ssh/gitrepo_key": owner => 'root', group => 'root', mode => '0700', - content => $gitrepo_sshkey, + content => pick_default($gitrepo_sshkey,''), } exec { 'setup git repo': - environment => [ "GIT_SSH_COMMAND=ssh -i ${borgbackup::configdir}/.ssh/gitrepo_key" ], + environment => ["GIT_SSH_COMMAND=ssh -i ${borgbackup::configdir}/.ssh/gitrepo_key"], path => '/usr/bin:/usr/sbin:/bin', command => "git clone ${gitrepo} ${git_home}", creates => $git_home, @@ -107,7 +99,7 @@ } exec { 'pull git repo': - environment => [ "GIT_SSH_COMMAND=ssh -i ${borgbackup::configdir}/.ssh/gitrepo_key" ], + environment => ["GIT_SSH_COMMAND=ssh -i ${borgbackup::configdir}/.ssh/gitrepo_key"], path => '/usr/bin:/usr/sbin:/bin', cwd => $git_home, command => 'git pull --rebase', @@ -117,7 +109,7 @@ } exec { 'push git repo': - environment => [ "GIT_SSH_COMMAND=ssh -i ${borgbackup::configdir}/.ssh/gitrepo_key" ], + environment => ["GIT_SSH_COMMAND=ssh -i ${borgbackup::configdir}/.ssh/gitrepo_key"], path => '/usr/bin:/usr/sbin:/bin', cwd => $git_home, command => 'git push', @@ -125,9 +117,16 @@ subscribe => Exec['commit git repo'], refreshonly => true, } + } else { + # since no repo url, create with git init + exec { 'setup git repo': + path => '/usr/bin:/usr/sbin:/bin', + command => "git init ${git_home}", + creates => $git_home, + } } - file { "${git_home}/${::fqdn}": + file { "${git_home}/${facts['networking']['fqdn']}": ensure => 'directory', owner => 'root', group => 'root', @@ -136,12 +135,11 @@ } exec { 'commit git repo': - environment => [ "GIT_SSH_COMMAND=ssh -i ${borgbackup::configdir}/.ssh/gitrepo_key" ], + environment => ["GIT_SSH_COMMAND=ssh -i ${borgbackup::configdir}/.ssh/gitrepo_key"], path => '/usr/bin:/usr/sbin:/bin', cwd => $git_home, - command => "git add .;git commit --message 'autocommit on ${::fqdn}' --author='${git_author}'", + command => "git add .;git commit --message 'autocommit on ${facts['networking']['fqdn']}' --author='${git_author}'", refreshonly => true, require => Exec['setup git repo'], } - } diff --git a/manifests/init.pp b/manifests/init.pp index b2364bd..99bea63 100644 --- a/manifests/init.pp +++ b/manifests/init.pp @@ -8,7 +8,7 @@ # if we true (default) we create the .ssh directory # @param ssh_key_define # the resource to use for the generation of an ssh key -# defaults to '' +# defaults to undef # @param ssh_key_res # the parameters to use for the $ssh_key_define # defaults to {} @@ -20,7 +20,7 @@ # Hint: hiera5 will hash merge this parameter. # @param default_target # the default target of the backup for $repos definition -# defaults to '' +# defaults to undef # see ::borgbackup::repo # @param repos_defaults # default values for the $repos to create. @@ -33,17 +33,16 @@ # $repo. But can be overwriten per repo using $repo parameter. # class borgbackup ( - String $configdir = '/etc/borgbackup', - Boolean $ensure_ssh_directory = true, - String $ssh_key_define = '', - Hash $ssh_key_res = {}, - Hash $repos = {$::fqdn => {}}, - String $default_target = '', - Hash $repos_defaults = {}, - Hash $archives = {}, + String $configdir = '/etc/borgbackup', + Boolean $ensure_ssh_directory = true, + Optional[String[1]] $ssh_key_define = undef, + Hash $ssh_key_res = {}, + Hash $repos = { $facts['networking']['fqdn'] => {} }, + Optional[String[1]] $default_target = undef, + Hash $repos_defaults = {}, + Hash $archives = {}, ) { - - include ::borgbackup::install + include borgbackup::install # create a configuration directory file { $configdir: @@ -62,11 +61,11 @@ } } - if $ssh_key_define != '' { + if $ssh_key_define { create_resources($ssh_key_define, $ssh_key_res) } $_repos_defaults = $repos_defaults + { 'archives' => $archives, 'target' => $default_target, } - create_resources('::borgbackup::repo', $repos, $_repos_defaults) + create_resources('borgbackup::repo', $repos, $_repos_defaults) } diff --git a/manifests/install.pp b/manifests/install.pp index 1792489..0b4582c 100644 --- a/manifests/install.pp +++ b/manifests/install.pp @@ -15,9 +15,8 @@ class borgbackup::install ( Array $packages = ['borgbackup'], String $package_ensure = 'installed', -){ - - package{ $packages: +) { + package { $packages: ensure => $package_ensure, tag => 'borgbackup', } diff --git a/manifests/repo.pp b/manifests/repo.pp index b4af06e..4f93dc2 100644 --- a/manifests/repo.pp +++ b/manifests/repo.pp @@ -8,7 +8,7 @@ # the target where to put the backup (env BORG_REPO) # @param passphrase # the passphrase to use for the repo -# if empty (the default, random pasphrase is generated +# if empty (the default, a random pasphrase is generated # and saved gpg encrypted in a git repo. see # borgbackup::git for more information. # @param passcommand @@ -28,7 +28,7 @@ # if true, an append_only repo is created (no purge) # defaults to false # @param storage_quota -# storage quota to set defaults to '' +# storage quota to set defaults to undef (no quota) # @param archives # Hash of archives to create for this repo # See ::borgbackup::archive for options @@ -66,22 +66,21 @@ # defaults to '' means do not check. # define borgbackup::repo ( - String $reponame = $title, - String $target = '', - String $passphrase = '', - String $passcommand = 'default', - Hash $env_vars = {}, - Hash $archives = {}, - String $encryption = 'keyfile', - Boolean $append_only = false, - String $storage_quota = '', - Integer $icinga_old = 90000, # 25 hours - String $crontab_define = 'cron', - Hash $crontabs = {}, - Optional[String] $check_host = undef, -){ - - include ::borgbackup + String $reponame = $title, + String $target = ' ', + Optional[String] $passphrase = undef, + String $passcommand = 'default', + Hash $env_vars = {}, + Hash $archives = {}, + String $encryption = 'keyfile', + Boolean $append_only = false, + Optional[String[1]] $storage_quota = undef, + Integer $icinga_old = 90000, # 25 hours + String $crontab_define = 'cron', + Hash $crontabs = {}, + Optional[String] $check_host = undef, +) { + include borgbackup if $check_host { # this function tries to open a tcp socket on port 22 (ssh) of server @@ -89,25 +88,25 @@ borgbackup::noop_connection($check_host) } - $configdir = $::borgbackup::configdir + $configdir = $borgbackup::configdir if $passcommand == 'default' { - include ::borgbackup::git + include borgbackup::git - $_passcommand = "gpg --decrypt ${::borgbackup::git::git_home}/${::fqdn}/${reponame}_pass.gpg" + $_passcommand = "gpg --decrypt ${borgbackup::git::git_home}/${facts['networking']['fqdn']}/${reponame}_pass.gpg" $_env_vars = { 'GNUPGHOME' => $borgbackup::git::gpg_home } + $env_vars - if $passphrase == '' { - # default behaviour, save a random passphrase encrypted in git repo - $_passphrase = '' - $_passphrase_to_git = 'random' - } else { + if $passphrase { # save a configured passphrase encrypted in git repo $_passphrase = '' $_passphrase_to_git = $passphrase + } else { + # default behaviour, save a random passphrase encrypted in git repo + $_passphrase = '' + $_passphrase_to_git = 'random' } # so add to git repo ... $add_gitrepo = { - "gitrepo-add-${::fqdn}-${reponame}" => { + "gitrepo-add-${facts['networking']['fqdn']}-${reponame}" => { passphrase => $_passphrase_to_git, reponame => $reponame, }, @@ -115,7 +114,7 @@ create_resources('::borgbackup::addtogit', $add_gitrepo) } else { $_env_vars = $env_vars - if ( $passphrase == '' and $passcommand == '' ) { + if ( ( ! $passphrase ) and $passcommand == '' ) { fail('borgbackup::repo you cannot use an empty passphrase without passcommand') } else { # you have either set a passphrase or a passcommand (or both) on your own, do not use git. @@ -124,7 +123,7 @@ } } - exec{"initialize borg repo ${reponame}": + exec { "initialize borg repo ${reponame}": command => "${configdir}/repo_${reponame}.sh init", unless => "${configdir}/repo_${reponame}.sh list", require => Concat["${configdir}/repo_${reponame}.sh"], @@ -138,13 +137,13 @@ mode => '0700', } - concat::fragment{ "borgbackup::repo ${reponame} header": + concat::fragment { "borgbackup::repo ${reponame} header": target => "${configdir}/repo_${reponame}.sh", content => template('borgbackup/repo_header.erb'), order => '00-header', } - concat::fragment{ "borgbackup::repo ${name} footer": + concat::fragment { "borgbackup::repo ${name} footer": target => "${configdir}/repo_${reponame}.sh", content => template('borgbackup/repo_footer.erb'), order => '99-footer', @@ -154,7 +153,7 @@ reponame => $reponame, } - create_resources('::borgbackup::archive', $archives, $archdefaults) + create_resources('borgbackup::archive', $archives, $archdefaults) if $crontab_define != '' { if $crontabs == {} and $crontab_define == 'cron' { diff --git a/manifests/server.pp b/manifests/server.pp index 8974afb..9e4d0e7 100644 --- a/manifests/server.pp +++ b/manifests/server.pp @@ -32,7 +32,7 @@ # authorized-keys file # defaults to {} # -class borgbackup::server( +class borgbackup::server ( String $backuproot = '/srv/borgbackup', String $borguser = 'borgbackup', String $borggroup = 'borgbackup', @@ -42,10 +42,9 @@ String $authorized_keys_define = 'borgbackup::authorized_key', Hash $authorized_keys = {}, Hash $authorized_keys_defaults = {}, -){ - +) { if $user_ensure { - user{ $borguser: + user { $borguser: ensure => present, comment => 'borgbackup user', managehome => true, @@ -69,7 +68,7 @@ backuproot => $backuproot, } ) - concat{ $authorized_keys_target: + concat { $authorized_keys_target: owner => $borguser, group => $borggroup, mode => '0644', @@ -85,5 +84,3 @@ create_resources($authorized_keys_define, $authorized_keys, $_authorized_keys_defaults) } } - - diff --git a/metadata.json b/metadata.json index 80e7e99..5df7e7e 100644 --- a/metadata.json +++ b/metadata.json @@ -10,11 +10,11 @@ "dependencies": [ { "name": "puppetlabs/stdlib", - "version_requirement": ">= 3.2.0 < 9.0.0" + "version_requirement": ">= 3.2.0 < 10.0.0" }, { "name": "puppetlabs/concat", - "version_requirement": ">= 2.0.0 < 8.0.0" + "version_requirement": ">= 2.0.0 < 10.0.0" }, { "name": "puppetlabs/cron_core", @@ -28,7 +28,8 @@ "8", "9", "10", - "11" + "11", + "12" ] }, { @@ -38,7 +39,7 @@ "requirements": [ { "name": "puppet", - "version_requirement": ">=4.0.0 < 8.0.0" + "version_requirement": ">=4.0.0 < 9.0.0" } ], "tags": [ @@ -47,7 +48,7 @@ "borgbackup", "restore" ], - "pdk-version": "2.3.0", - "template-url": "pdk-default#2.3.0", - "template-ref": "tags/2.3.0-0-g8aaceff" + "pdk-version": "3.4.0", + "template-url": "https://github.com/puppetlabs/pdk-templates#main", + "template-ref": "tags/3.4.0-0-gd3cc13f" } diff --git a/pdk.yaml b/pdk.yaml new file mode 100644 index 0000000..4bef4bd --- /dev/null +++ b/pdk.yaml @@ -0,0 +1,2 @@ +--- +ignore: [] diff --git a/spec/classes/borgbackup_spec.rb b/spec/classes/borgbackup_spec.rb index 20c3785..f6d9656 100644 --- a/spec/classes/borgbackup_spec.rb +++ b/spec/classes/borgbackup_spec.rb @@ -5,9 +5,7 @@ let :default_params do { configdir: '/etc/borgbackup', ensure_ssh_directory: true, - ssh_key_define: '', ssh_key_res: {}, - default_target: '', repos_defaults: {} } end diff --git a/spec/classes/git_spec.rb b/spec/classes/git_spec.rb index b042236..b8c4ca8 100644 --- a/spec/classes/git_spec.rb +++ b/spec/classes/git_spec.rb @@ -7,8 +7,6 @@ let :default_params do { packages: ['git', 'gnupg'], gpg_keys: {}, - gitrepo: '', - gitrepo_sshkey: '', gpg_home: '/etc/borgbackup/.gnupg', git_home: '/etc/borgbackup/git' } end diff --git a/spec/default_facts.yml b/spec/default_facts.yml index f777abf..3346c39 100644 --- a/spec/default_facts.yml +++ b/spec/default_facts.yml @@ -2,7 +2,8 @@ # # Facts specified here will override the values provided by rspec-puppet-facts. --- -ipaddress: "172.16.254.254" -ipaddress6: "FE80:0000:0000:0000:AAAA:AAAA:AAAA" +networking: + ip: "172.16.254.254" + ip6: "FE80:0000:0000:0000:AAAA:AAAA:AAAA" + mac: "AA:AA:AA:AA:AA:AA" is_pe: false -macaddress: "AA:AA:AA:AA:AA:AA" diff --git a/spec/defines/archive_spec.rb b/spec/defines/archive_spec.rb index 0066645..b4b58da 100644 --- a/spec/defines/archive_spec.rb +++ b/spec/defines/archive_spec.rb @@ -12,15 +12,11 @@ create_options: ['verbose', 'list', 'stats', 'show-rc', 'exclude-caches'], create_excludes: [], create_includes: [], - stdin_cmd: '', do_prune: true, prune_options: ['list', 'show-rc'], - keep_last: '', - keep_hourly: '', keep_daily: 7, keep_weekly: 4, - keep_monthly: 6, - keep_yearly: '' } + keep_monthly: 6, } end shared_examples 'borgbackup::archive shared examples' do diff --git a/spec/defines/authorized_key_spec.rb b/spec/defines/authorized_key_spec.rb index 6d2a3d8..9ee6a13 100644 --- a/spec/defines/authorized_key_spec.rb +++ b/spec/defines/authorized_key_spec.rb @@ -9,7 +9,6 @@ restrict_to_path: '', restrict_to_repository: 'yes', append_only: false, - storage_quota: '', restricts: ['restrict'], env_vars: {} } end diff --git a/spec/defines/repo_spec.rb b/spec/defines/repo_spec.rb index e5a8b40..8f43dfd 100644 --- a/spec/defines/repo_spec.rb +++ b/spec/defines/repo_spec.rb @@ -3,14 +3,12 @@ describe 'borgbackup::repo' do let :default_params do { reponame: 'title', - target: '', - passphrase: '', + target: ' ', passcommand: 'default', env_vars: {}, archives: {}, encryption: 'keyfile', append_only: false, - storage_quota: '', icinga_old: 90_000, crontab_define: 'cron', crontabs: {} } diff --git a/spec/spec_helper.rb b/spec/spec_helper.rb index 07db734..ae7c1f6 100644 --- a/spec/spec_helper.rb +++ b/spec/spec_helper.rb @@ -25,15 +25,16 @@ next unless File.exist?(f) && File.readable?(f) && File.size?(f) begin - default_facts.merge!(YAML.safe_load(File.read(f), [], [], true)) - rescue => e + require 'deep_merge' + default_facts.deep_merge!(YAML.safe_load(File.read(f), permitted_classes: [], permitted_symbols: [], aliases: true)) + rescue StandardError => e RSpec.configuration.reporter.message "WARNING: Unable to load #{f}: #{e}" end end # read default_facts and merge them over what is provided by facterdb default_facts.each do |fact, value| - add_custom_fact fact, value + add_custom_fact fact, value, merge_facts: true end RSpec.configure do |c| diff --git a/templates/archive_create.erb b/templates/archive_create.erb index 9b36c99..9640044 100644 --- a/templates/archive_create.erb +++ b/templates/archive_create.erb @@ -6,7 +6,7 @@ # Backup the most important directories into an archive named after # the machine this script is currently running on: -<% if @stdin_cmd != '' -%> +<% if @stdin_cmd -%> <%= @stdin_cmd %> | \ <% end -%> borg create \ @@ -27,7 +27,7 @@ borg create \ <% @create_includes.each do | include | -%> <%= include -%> \ <% end -%> -<% if @stdin_cmd != '' -%> +<% if ! @stdin_cmd -%> - <% end -%> diff --git a/templates/archive_prune.erb b/templates/archive_prune.erb index 46b4291..9a12784 100644 --- a/templates/archive_prune.erb +++ b/templates/archive_prune.erb @@ -10,10 +10,10 @@ borg prune \ <% @prune_options.each do |opt| -%> --<%= opt -%> \ <% end -%> -<% if @keep_last != '' -%> +<% if @keep_last -%> --keep-last <%= @keep_last %> \ <% end -%> -<% if @keep_hourly != '' -%> +<% if @keep_hourly -%> --keep-hourly <%= @keep_hourly %> \ <% end -%> <% if @keep_daily != '' -%> @@ -25,7 +25,7 @@ borg prune \ <% if @keep_monthly != '' -%> --keep-monthly <%= @keep_monthly %> \ <% end -%> -<% if @keep_yearly != '' -%> +<% if @keep_yearly -%> --keep-yearly <%= @keep_yearly %> \ <% end -%> diff --git a/templates/repo_header.erb b/templates/repo_header.erb index 8a2d0bc..b922f05 100644 --- a/templates/repo_header.erb +++ b/templates/repo_header.erb @@ -41,7 +41,7 @@ if [ "$CMD" = 'init' ]; then <% if @apend_only -%> --append-only \ <% end -%> -<% if @storage_quota != '' -%> +<% if @storage_quota -%> --storage-quota <%= @storage_quota %> \ <% end -%> --encryption <%= @encryption %>