diff --git a/README.md b/README.md index 7737d180a..532d52163 100644 --- a/README.md +++ b/README.md @@ -19,6 +19,8 @@ ## Overview +# TODO: Update readme + The rundeck puppet module for installing and managing [Rundeck](http://rundeck.org/) ### Supported Versions of Rundeck diff --git a/metadata.json b/metadata.json index 4c174c865..a2ef399e5 100644 --- a/metadata.json +++ b/metadata.json @@ -71,14 +71,6 @@ "name": "puppetlabs/stdlib", "version_requirement": ">= 4.25.0 < 10.0.0" }, - { - "name": "pltraining/dirtree", - "version_requirement": ">= 0.3.0 < 2.0.0" - }, - { - "name": "puppetlabs/inifile", - "version_requirement": ">= 4.1.0 < 7.0.0" - }, { "name": "puppetlabs/java_ks", "version_requirement": ">= 1.3.1 < 6.0.0" diff --git a/spec/classes/config/aclpolicyfile_spec.rb b/spec/classes/config/aclpolicyfile_spec.rb index a66e0e1b4..fea408413 100644 --- a/spec/classes/config/aclpolicyfile_spec.rb +++ b/spec/classes/config/aclpolicyfile_spec.rb @@ -9,7 +9,7 @@ facts end - describe "rundeck::config::global::aclpolicyfile class without any parameters on #{os}" do + describe "rundeck::config::aclpolicyfile class without any parameters on #{os}" do let(:params) { {} } default_acl = <<~CONFIG.gsub(%r{[^\S\n]{10}}, '') diff --git a/spec/classes/config/framework_spec.rb b/spec/classes/config/framework_spec.rb index c95831ec1..1e5684740 100644 --- a/spec/classes/config/framework_spec.rb +++ b/spec/classes/config/framework_spec.rb @@ -9,7 +9,7 @@ facts end - describe "rundeck::config::global::framework class without any parameters on #{os}" do + describe "rundeck::config::framework class without any parameters on #{os}" do let(:params) { {} } framework_details = { diff --git a/spec/classes/config/jaas_auth_spec.rb b/spec/classes/config/jaas_auth_spec.rb index 6dcd81349..b2375d100 100644 --- a/spec/classes/config/jaas_auth_spec.rb +++ b/spec/classes/config/jaas_auth_spec.rb @@ -22,7 +22,7 @@ end it 'contains PropertyFileLoginModule and be sufficient' do - jaas_auth = catalogue.resource('file', '/etc/rundeck/jaas-auth.conf')[:content] + jaas_auth = catalogue.resource('file', '/etc/rundeck/jaas-loginmodule.conf')[:content] expect(jaas_auth).to include(login_module) end end @@ -44,7 +44,7 @@ end it 'contains PropertyFileLoginModule and be sufficient' do - jaas_auth = catalogue.resource('file', '/etc/rundeck/jaas-auth.conf')[:content] + jaas_auth = catalogue.resource('file', '/etc/rundeck/jaas-loginmodule.conf')[:content] expect(jaas_auth).to include(login_module) end end @@ -79,7 +79,7 @@ end it 'contains PropertyFileLoginModule and be sufficient' do - jaas_auth = catalogue.resource('file', '/etc/rundeck/jaas-auth.conf')[:content] + jaas_auth = catalogue.resource('file', '/etc/rundeck/jaas-loginmodule.conf')[:content] expect(jaas_auth).to include(login_module) end end @@ -168,98 +168,7 @@ end it 'generates valid content for jaas-auth.conf' do - content = catalogue.resource('file', '/etc/rundeck/jaas-auth.conf')[:content] - expect(content).to include('userFirstNameAttribute="givenName"') - expect(content).to include('userLastNameAttribute="sn"') - expect(content).to include('userEmailAttribute="mail"') - end - end - - describe 'with multiauth active_directory and file auth users array' do - let(:params) do - { - auth_config: { - 'file' => { - 'auth_users' => [ - { - 'username' => 'testuser', - 'password' => 'password', - 'roles' => %w[user deploy] - }, - { - 'username' => 'anotheruser', - 'password' => 'anotherpassword', - 'roles' => ['user'] - } - ] - }, - - 'active_directory' => { - 'debug' => 'true', - 'url' => 'localhost:389', - 'force_binding' => 'true', - 'force_binding_use_root' => 'true', - 'bind_dn' => 'test_rundeck', - 'bind_password' => 'abc123', - 'user_base_dn' => 'ou=users,ou=accounts,ou=corp,dc=xyz,dc=com', - 'user_rdn_attribute' => 'sAMAccountName', - 'user_id_attribute' => 'sAMAccountName', - 'user_password_attribute' => 'unicodePwd', - 'user_object_class' => 'user', - 'role_base_dn' => 'ou=role based,ou=security,ou=groups,ou=test,dc=xyz,dc=com', - 'role_name_attribute' => 'cn', - 'role_member_attribute' => 'member', - 'role_object_class' => 'group', - 'supplemental_roles' => 'user', - 'nested_groups' => 'true' - } - } - } - end - - it 'generates valid content for realm.properties' do - content = catalogue.resource('file', '/etc/rundeck/realm.properties')[:content] - expect(content).to include('admin:admin,user,admin,architect,deploy,build') - expect(content).to include('testuser:password,user,deploy') - expect(content).to include('anotheruser:anotherpassword,user') - end - end - - describe 'with active_directory using ldap_sync' do - let(:params) do - { - auth_config: { - 'active_directory' => { - 'debug' => 'true', - 'url' => 'localhost:389', - 'force_binding' => 'true', - 'force_binding_use_root' => 'true', - 'bind_dn' => 'test_rundeck', - 'bind_password' => 'abc123', - 'user_base_dn' => 'ou=users,ou=accounts,ou=corp,dc=xyz,dc=com', - 'user_rdn_attribute' => 'sAMAccountName', - 'user_id_attribute' => 'sAMAccountName', - 'user_password_attribute' => 'unicodePwd', - 'user_object_class' => 'user', - 'role_base_dn' => 'ou=role based,ou=security,ou=groups,ou=test,dc=xyz,dc=com', - 'role_name_attribute' => 'cn', - 'role_member_attribute' => 'member', - 'role_object_class' => 'group', - 'supplemental_roles' => 'user', - 'nested_groups' => 'true', - 'sync_first_name_attribute' => 'givenName', - 'sync_last_name_attribute' => 'sn', - 'sync_email_attribute' => 'mail' - } - }, - security_config: { - 'syncLdapUser' => true - } - } - end - - it 'generates valid content for jaas-auth.conf' do - content = catalogue.resource('file', '/etc/rundeck/jaas-auth.conf')[:content] + content = catalogue.resource('file', '/etc/rundeck/jaas-loginmodule.conf')[:content] expect(content).to include('userFirstNameAttribute="givenName"') expect(content).to include('userLastNameAttribute="sn"') expect(content).to include('userEmailAttribute="mail"') @@ -289,7 +198,7 @@ end it 'contains PropertyFileLoginModule and be sufficient' do - jaas_auth = catalogue.resource('file', '/etc/rundeck/jaas-auth.conf')[:content] + jaas_auth = catalogue.resource('file', '/etc/rundeck/jaas-loginmodule.conf')[:content] expect(jaas_auth).to include(login_module) end end @@ -316,7 +225,7 @@ end it 'contains PropertyFileLoginModule and be sufficient' do - jaas_auth = catalogue.resource('file', '/etc/rundeck/jaas-auth.conf')[:content] + jaas_auth = catalogue.resource('file', '/etc/rundeck/jaas-loginmodule.conf')[:content] expect(jaas_auth).to include(login_module) end end @@ -334,25 +243,7 @@ end it 'generates valid content for jaas-auth.conf' do - content = catalogue.resource('file', '/etc/rundeck/jaas-auth.conf')[:content] - expect(content).to include('rolePrefix="rundeck_"') - end - end - - describe 'active_directory with rolePrefix' do - let(:params) do - { - auth_config: { - 'active_directory' => { - 'url' => 'localhost:389', - 'role_prefix' => 'rundeck_' - } - } - } - end - - it 'generates valid content for jaas-auth.conf' do - content = catalogue.resource('file', '/etc/rundeck/jaas-auth.conf')[:content] + content = catalogue.resource('file', '/etc/rundeck/jaas-loginmodule.conf')[:content] expect(content).to include('rolePrefix="rundeck_"') end end diff --git a/templates/realm.properties.epp b/templates/realm.properties.epp index 0500e1f6a..8deff98af 100644 --- a/templates/realm.properties.epp +++ b/templates/realm.properties.epp @@ -23,7 +23,7 @@ # <%= $_auth_config['file']['realm_config']['admin_user'] %>:<%= $_auth_config['file']['realm_config']['admin_password'] %>,user,admin,architect,deploy,build <%- if $_auth_config['file']['realm_config']['auth_users'] { -%> - <%- if is_array($_auth_config['file']['realm_config']['auth_users']) { -%> + <%- if $_auth_config['file']['realm_config']['auth_users'] =~ Array { -%> <%- $_auth_config['file']['realm_config']['auth_users'].each |$x| { -%> <%- if $x['username'] { -%> <%= $x['username'] -%>:<%= $x['password'] -%>