Support Keycloak 22, Drop EL7, Debian 10 and Ubuntu 18.04

EL7 and Debian 10 don't have new enough OpenJDK and Ubuntu 18.04 is EOL
The use_truststore_spi propery for keycloak_ldap_user_provider has default switched to 'always' and 'ldapsOnly' option removed
Force IPv4 during tests

.github/workflows/ci.yaml

@@ -35,11 +35,10 @@ jobs:
  env:
  BUNDLE_WITHOUT: system_tests:release
  PUPPET_GEM_VERSION: "~> ${{ matrix.puppet }}.0"
- FACTER_GEM_VERSION: "< 4.0"
  FIXTURES_YML: ${{ matrix.fixtures }}
  name: Puppet ${{ matrix.puppet }} (Ruby ${{ matrix.ruby }} fixtures=${{ matrix.fixtures }})
  steps:
- - uses: actions/checkout@v2
+ - uses: actions/checkout@v3
  - name: Setup ruby
  uses: ruby/setup-ruby@v1
  with:
@@ -57,29 +56,26 @@ jobs:
  fail-fast: false
  matrix:
  set:
- - "el7"
  - "el8"
  - "el9"
- - "debian-10"
  - "debian-11"
- - "ubuntu-1804"
  - "ubuntu-2004"
  - "ubuntu-2204"
  puppet:
  - "puppet6"
  - "puppet7"
  keycloak_version:
- - "21.0.1"
+ - "22.0.0"
  keycloak_full:
  - "no"
  include:
  - set: "el8"
  puppet: "puppet6"
- keycloak_version: "21.0.1"
+ keycloak_version: "22.0.0"
  keycloak_full: "yes"
  - set: "el8"
  puppet: "puppet7"
- keycloak_version: "21.0.1"
+ keycloak_version: "22.0.0"
  keycloak_full: "yes"
  env:
  BUNDLE_WITHOUT: development:release
@@ -98,7 +94,7 @@ jobs:
  sudo apt-get update
  sudo apt-get install apparmor-profiles
  sudo apparmor_parser -R /etc/apparmor.d/usr.sbin.mysqld
- - uses: actions/checkout@v2
+ - uses: actions/checkout@v3
  - name: Setup ruby
  uses: ruby/setup-ruby@v1
  with:

.github/workflows/release.yaml

@@ -14,7 +14,7 @@ jobs:
  runs-on: ubuntu-latest
  steps:
  - name: Checkout repository
- uses: actions/checkout@v2
+ uses: actions/checkout@v3
  - name: Setup Ruby
  uses: ruby/setup-ruby@v1
  with:

.sync.yml

@@ -15,28 +15,27 @@ Rakefile:
  acceptance_name: '${{ matrix.puppet }} ${{ matrix.set }} (keycloak=${{ matrix.keycloak_version }} full=${{ matrix.keycloak_full }})'
  acceptance_matrix:
  set:
- - el7
+ - ---el7
  - el8
  - el9
- - debian-10
  - debian-11
- - ubuntu-1804
  - ubuntu-2004
  - ubuntu-2204
  puppet:
  - puppet6
  - puppet7
+ - ---puppet8
  keycloak_version:
- - '21.0.1'
+ - '22.0.0'
  keycloak_full: ['no']
  acceptance_includes:
  - set: el8
  puppet: puppet6
- keycloak_version: 21.0.1
+ keycloak_version: 22.0.0
  keycloak_full: 'yes'
  - set: el8
  puppet: puppet7
- keycloak_version: 21.0.1
+ keycloak_version: 22.0.0
  keycloak_full: 'yes'
 .gitignore:
  paths:
@@ -52,17 +51,13 @@ Rakefile:
  Enabled: false
 appveyor.yml:
  delete: true
-spec/acceptance/nodesets/debian-9.yml:
+spec/acceptance/nodesets/el7.yml:
  delete: true
 spec/acceptance/nodesets/debian-10.yml:
- packages:
- - iproute2
+ delete: true
 spec/acceptance/nodesets/debian-11.yml:
  packages:
  - iproute2
-spec/acceptance/nodesets/ubuntu-1804.yml:
- packages:
- - iproute2
 spec/acceptance/nodesets/ubuntu-2004.yml:
  packages:
  - iproute2

README.md

@@ -174,6 +174,7 @@ This module may work on earlier versions but this is the only version tested.
 | 18.x | 8.x |
 | 19.x - 21.x | 9.x |
 | 21.x | 10.x |
+| 22.x | 11.x |
 
 ## Usage
 
@@ -189,18 +190,18 @@ Install a specific version of Keycloak.
 
 ```puppet
 class { 'keycloak':
- version => '18.0.0',
+ version => '22.0.0',
  db => 'mariadb',
 }
 ```
 
 Upgrading Keycloak version works by changing `version` parameter as long as the `db` parameter is not the default of `dev-file`. An upgrade involves installing the new version without touching the old version, updating the symlink which defaults to `/opt/keycloak`, applying all changes to new version and then restarting the `keycloak` service.
 
-If the previous `version` was `18.0.0` using the following will upgrade to `19.0.0`:
+If the previous `version` was `22.0.0` using the following will upgrade to `23.0.0`:
 
 ```puppet
 class { 'keycloak':
- version => '19.0.0',
+ version => '23.0.0',
  db => 'mariadb',
 }
 ```
@@ -598,12 +599,9 @@ keycloak_required_action { 'webauthn-register on master':
 
 This module has been tested on:
 
-* RedHat/CentOS 7 x86_64
 * RedHat/Rocky/AlmaLinux 8 x86_64
 * RedHat/Rocky/AlmaLinux 9 x86_64
-* Debian 10 x86_64
 * Debian 11 x86_64
-* Ubuntu 18.04 x86_64
 * Ubuntu 20.04 x86_64
 * Ubuntu 22.04 x86_64
 

lib/puppet/type/keycloak_ldap_user_provider.rb

@@ -73,8 +73,8 @@
 
  newproperty(:use_truststore_spi) do
  desc 'useTruststoreSpi'
- defaultto 'ldapsOnly'
- newvalues('always', 'ldapsOnly', 'never')
+ defaultto 'always'
+ newvalues('always', 'never')
  munge { |v| v }
  end
 

manifests/init.pp

@@ -214,15 +214,15 @@
 # Only necessary to set if the URL path to Keycloak is modified
 class keycloak (
  Boolean $manage_install = true,
- String $version = '21.0.1',
+ String $version = '22.0.0',
  Optional[Variant[Stdlib::HTTPUrl, Stdlib::HTTPSUrl]] $package_url= undef,
  Optional[Stdlib::Absolutepath] $install_dir = undef,
  Array[String[1]] $java_package_dependencies = [],
  Enum['include','class'] $java_declare_method = 'class',
- String[1] $java_package = 'java-11-openjdk-devel',
- Stdlib::Absolutepath $java_home = '/usr/lib/jvm/java-11-openjdk',
- Stdlib::Absolutepath $java_alternative_path = '/usr/lib/jvm/java-11-openjdk/bin/java',
- String[1] $java_alternative = '/usr/lib/jvm/java-11-openjdk/bin/java',
+ String[1] $java_package = 'java-17-openjdk-devel',
+ Stdlib::Absolutepath $java_home = '/usr/lib/jvm/java-17-openjdk',
+ Stdlib::Absolutepath $java_alternative_path = '/usr/lib/jvm/java-17-openjdk/bin/java',
+ String[1] $java_alternative = '/usr/lib/jvm/java-17-openjdk/bin/java',
  String $service_name = 'keycloak',
  String $service_ensure = 'running',
  Boolean $service_enable = true,

metadata.json

@@ -41,17 +41,10 @@
  {
  "operatingsystem": "RedHat",
  "operatingsystemrelease": [
- "7",
  "8",
  "9"
  ]
  },
- {
- "operatingsystem": "CentOS",
- "operatingsystemrelease": [
- "7"
- ]
- },
  {
  "operatingsystem": "Rocky",
  "operatingsystemrelease": [
@@ -69,14 +62,12 @@
  {
  "operatingsystem": "Debian",
  "operatingsystemrelease": [
- "10",
  "11"
  ]
  },
  {
  "operatingsystem": "Ubuntu",
  "operatingsystemrelease": [
- "18.04",
  "20.04",
  "22.04"
  ]
@@ -88,7 +79,7 @@
  "version_requirement": ">= 6.0.0 < 8.0.0"
  }
  ],
- "pdk-version": "2.1.0",
+ "pdk-version": "2.7.1",
  "template-url": "https://github.com/treydock/pdk-templates.git#master",
- "template-ref": "heads/master-0-gbfcd6dd"
+ "template-ref": "heads/master-0-g70732db"
 }

spec/acceptance/1_class_spec.rb

@@ -70,7 +70,7 @@ class { 'keycloak':
  pp = <<-PUPPET_PP
  class { 'keycloak':
  http_relative_path => '/auth',
- java_opts => '-Xmx512m -Xms64m',
+ java_opts => '-Xmx512m -Xms64m -Djava.net.preferIPv4Stack=true',
  configs => {
  'metrics-enabled' => true,
  },

spec/classes/init_spec.rb

@@ -8,7 +8,7 @@
  let(:facts) do
  facts.merge(concat_basedir: '/dne')
  end
- let(:version) { '21.0.1' }
+ let(:version) { '22.0.0' }
 
  case facts[:osfamily]
  when %r{RedHat}

spec/defines/spi_deployment_spec.rb

@@ -8,7 +8,7 @@
  let(:facts) do
  facts.merge(concat_basedir: '/dne')
  end
- let(:version) { '21.0.1' }
+ let(:version) { '22.0.0' }
  let(:title) { 'duo-spi' }
  let(:params) { { deployed_name: 'keycloak-duo-spi-jar-with-dependencies.jar', source: 'https://example.com/files/keycloak-duo-spi-jar-with-dependencies.jar' } }
 

spec/spec_helper.rb

@@ -25,7 +25,7 @@
  next unless File.exist?(f) && File.readable?(f) && File.size?(f)
 
  begin
- default_facts.merge!(YAML.safe_load(File.read(f), [], [], true))
+ default_facts.merge!(YAML.safe_load(File.read(f)))
  rescue StandardError => e
  RSpec.configuration.reporter.message "WARNING: Unable to load #{f}: #{e}"
  end