diff --git a/.github/workflows/ci.yaml b/.github/workflows/ci.yaml index 3461100b..27ffc1bf 100644 --- a/.github/workflows/ci.yaml +++ b/.github/workflows/ci.yaml @@ -35,11 +35,10 @@ jobs: env: BUNDLE_WITHOUT: system_tests:release PUPPET_GEM_VERSION: "~> ${{ matrix.puppet }}.0" - FACTER_GEM_VERSION: "< 4.0" FIXTURES_YML: ${{ matrix.fixtures }} name: Puppet ${{ matrix.puppet }} (Ruby ${{ matrix.ruby }} fixtures=${{ matrix.fixtures }}) steps: - - uses: actions/checkout@v2 + - uses: actions/checkout@v3 - name: Setup ruby uses: ruby/setup-ruby@v1 with: @@ -57,29 +56,26 @@ jobs: fail-fast: false matrix: set: - - "el7" - "el8" - "el9" - - "debian-10" - "debian-11" - - "ubuntu-1804" - "ubuntu-2004" - "ubuntu-2204" puppet: - "puppet6" - "puppet7" keycloak_version: - - "21.0.1" + - "22.0.0" keycloak_full: - "no" include: - set: "el8" puppet: "puppet6" - keycloak_version: "21.0.1" + keycloak_version: "22.0.0" keycloak_full: "yes" - set: "el8" puppet: "puppet7" - keycloak_version: "21.0.1" + keycloak_version: "22.0.0" keycloak_full: "yes" env: BUNDLE_WITHOUT: development:release @@ -98,7 +94,7 @@ jobs: sudo apt-get update sudo apt-get install apparmor-profiles sudo apparmor_parser -R /etc/apparmor.d/usr.sbin.mysqld - - uses: actions/checkout@v2 + - uses: actions/checkout@v3 - name: Setup ruby uses: ruby/setup-ruby@v1 with: diff --git a/.github/workflows/release.yaml b/.github/workflows/release.yaml index 495a7154..f55e6af8 100644 --- a/.github/workflows/release.yaml +++ b/.github/workflows/release.yaml @@ -14,7 +14,7 @@ jobs: runs-on: ubuntu-latest steps: - name: Checkout repository - uses: actions/checkout@v2 + uses: actions/checkout@v3 - name: Setup Ruby uses: ruby/setup-ruby@v1 with: diff --git a/.sync.yml b/.sync.yml index 50f0c930..52255a7d 100644 --- a/.sync.yml +++ b/.sync.yml @@ -15,28 +15,27 @@ Rakefile: acceptance_name: '${{ matrix.puppet }} ${{ matrix.set }} (keycloak=${{ matrix.keycloak_version }} full=${{ matrix.keycloak_full }})' acceptance_matrix: set: - - el7 + - ---el7 - el8 - el9 - - debian-10 - debian-11 - - ubuntu-1804 - ubuntu-2004 - ubuntu-2204 puppet: - puppet6 - puppet7 + - ---puppet8 keycloak_version: - - '21.0.1' + - '22.0.0' keycloak_full: ['no'] acceptance_includes: - set: el8 puppet: puppet6 - keycloak_version: 21.0.1 + keycloak_version: 22.0.0 keycloak_full: 'yes' - set: el8 puppet: puppet7 - keycloak_version: 21.0.1 + keycloak_version: 22.0.0 keycloak_full: 'yes' .gitignore: paths: @@ -52,17 +51,13 @@ Rakefile: Enabled: false appveyor.yml: delete: true -spec/acceptance/nodesets/debian-9.yml: +spec/acceptance/nodesets/el7.yml: delete: true spec/acceptance/nodesets/debian-10.yml: - packages: - - iproute2 + delete: true spec/acceptance/nodesets/debian-11.yml: packages: - iproute2 -spec/acceptance/nodesets/ubuntu-1804.yml: - packages: - - iproute2 spec/acceptance/nodesets/ubuntu-2004.yml: packages: - iproute2 diff --git a/README.md b/README.md index eaa99830..a3c76a40 100644 --- a/README.md +++ b/README.md @@ -174,6 +174,7 @@ This module may work on earlier versions but this is the only version tested. | 18.x | 8.x | | 19.x - 21.x | 9.x | | 21.x | 10.x | +| 22.x | 11.x | ## Usage @@ -189,18 +190,18 @@ Install a specific version of Keycloak. ```puppet class { 'keycloak': - version => '18.0.0', + version => '22.0.0', db => 'mariadb', } ``` Upgrading Keycloak version works by changing `version` parameter as long as the `db` parameter is not the default of `dev-file`. An upgrade involves installing the new version without touching the old version, updating the symlink which defaults to `/opt/keycloak`, applying all changes to new version and then restarting the `keycloak` service. -If the previous `version` was `18.0.0` using the following will upgrade to `19.0.0`: +If the previous `version` was `22.0.0` using the following will upgrade to `23.0.0`: ```puppet class { 'keycloak': - version => '19.0.0', + version => '23.0.0', db => 'mariadb', } ``` @@ -598,12 +599,9 @@ keycloak_required_action { 'webauthn-register on master': This module has been tested on: -* RedHat/CentOS 7 x86_64 * RedHat/Rocky/AlmaLinux 8 x86_64 * RedHat/Rocky/AlmaLinux 9 x86_64 -* Debian 10 x86_64 * Debian 11 x86_64 -* Ubuntu 18.04 x86_64 * Ubuntu 20.04 x86_64 * Ubuntu 22.04 x86_64 diff --git a/data/os/Debian/10.yaml b/data/os/Debian/10.yaml deleted file mode 100644 index 1877e0af..00000000 --- a/data/os/Debian/10.yaml +++ /dev/null @@ -1,4 +0,0 @@ -keycloak::java_package: openjdk-11-jdk -keycloak::java_home: /usr/lib/jvm/java-1.11.0-openjdk-amd64/ -keycloak::java_alternative_path: /usr/lib/jvm/java-1.11.0-openjdk-amd64/bin/java -keycloak::java_alternative: java-1.11.0-openjdk-amd64 diff --git a/data/os/RedHat/7.yaml b/data/os/RedHat/7.yaml deleted file mode 100644 index 518e83df..00000000 --- a/data/os/RedHat/7.yaml +++ /dev/null @@ -1,4 +0,0 @@ -keycloak::java_package: java-11-openjdk-devel -keycloak::java_home: /usr/lib/jvm/java-11-openjdk/ -keycloak::java_alternative_path: /usr/lib/jvm/java-11-openjdk/bin/java -keycloak::java_alternative: /usr/lib/jvm/java-11-openjdk/bin/java diff --git a/lib/puppet/type/keycloak_ldap_user_provider.rb b/lib/puppet/type/keycloak_ldap_user_provider.rb index a0bbdb14..a3966368 100644 --- a/lib/puppet/type/keycloak_ldap_user_provider.rb +++ b/lib/puppet/type/keycloak_ldap_user_provider.rb @@ -73,8 +73,8 @@ newproperty(:use_truststore_spi) do desc 'useTruststoreSpi' - defaultto 'ldapsOnly' - newvalues('always', 'ldapsOnly', 'never') + defaultto 'always' + newvalues('always', 'never') munge { |v| v } end diff --git a/manifests/init.pp b/manifests/init.pp index 2fce729e..69d9e9d0 100644 --- a/manifests/init.pp +++ b/manifests/init.pp @@ -214,15 +214,15 @@ # Only necessary to set if the URL path to Keycloak is modified class keycloak ( Boolean $manage_install = true, - String $version = '21.0.1', + String $version = '22.0.0', Optional[Variant[Stdlib::HTTPUrl, Stdlib::HTTPSUrl]] $package_url= undef, Optional[Stdlib::Absolutepath] $install_dir = undef, Array[String[1]] $java_package_dependencies = [], Enum['include','class'] $java_declare_method = 'class', - String[1] $java_package = 'java-11-openjdk-devel', - Stdlib::Absolutepath $java_home = '/usr/lib/jvm/java-11-openjdk', - Stdlib::Absolutepath $java_alternative_path = '/usr/lib/jvm/java-11-openjdk/bin/java', - String[1] $java_alternative = '/usr/lib/jvm/java-11-openjdk/bin/java', + String[1] $java_package = 'java-17-openjdk-devel', + Stdlib::Absolutepath $java_home = '/usr/lib/jvm/java-17-openjdk', + Stdlib::Absolutepath $java_alternative_path = '/usr/lib/jvm/java-17-openjdk/bin/java', + String[1] $java_alternative = '/usr/lib/jvm/java-17-openjdk/bin/java', String $service_name = 'keycloak', String $service_ensure = 'running', Boolean $service_enable = true, diff --git a/metadata.json b/metadata.json index 05e27d5f..f8fc1f60 100644 --- a/metadata.json +++ b/metadata.json @@ -41,17 +41,10 @@ { "operatingsystem": "RedHat", "operatingsystemrelease": [ - "7", "8", "9" ] }, - { - "operatingsystem": "CentOS", - "operatingsystemrelease": [ - "7" - ] - }, { "operatingsystem": "Rocky", "operatingsystemrelease": [ @@ -69,14 +62,12 @@ { "operatingsystem": "Debian", "operatingsystemrelease": [ - "10", "11" ] }, { "operatingsystem": "Ubuntu", "operatingsystemrelease": [ - "18.04", "20.04", "22.04" ] @@ -88,7 +79,7 @@ "version_requirement": ">= 6.0.0 < 8.0.0" } ], - "pdk-version": "2.1.0", + "pdk-version": "2.7.1", "template-url": "https://github.com/treydock/pdk-templates.git#master", - "template-ref": "heads/master-0-gbfcd6dd" + "template-ref": "heads/master-0-g70732db" } diff --git a/spec/acceptance/1_class_spec.rb b/spec/acceptance/1_class_spec.rb index 15d8bd3c..48d81f30 100644 --- a/spec/acceptance/1_class_spec.rb +++ b/spec/acceptance/1_class_spec.rb @@ -70,7 +70,7 @@ class { 'keycloak': pp = <<-PUPPET_PP class { 'keycloak': http_relative_path => '/auth', - java_opts => '-Xmx512m -Xms64m', + java_opts => '-Xmx512m -Xms64m -Djava.net.preferIPv4Stack=true', configs => { 'metrics-enabled' => true, }, diff --git a/spec/acceptance/nodesets/debian-10.yml b/spec/acceptance/nodesets/debian-10.yml deleted file mode 100644 index 6f96bade..00000000 --- a/spec/acceptance/nodesets/debian-10.yml +++ /dev/null @@ -1,28 +0,0 @@ -HOSTS: - debian10: - roles: - - agent - platform: debian-10-amd64 - hypervisor: docker - image: debian:10 - docker_preserve_image: true - docker_cmd: - - '/sbin/init' - docker_image_commands: - - 'apt-get install -y wget net-tools systemd-sysv locales apt-transport-https ca-certificates iproute2' - - 'echo "LC_ALL=en_US.UTF-8" >> /etc/environment' - - 'echo "en_US.UTF-8 UTF-8" >> /etc/locale.gen' - - 'echo "LANG=en_US.UTF-8" > /etc/locale.conf' - - 'locale-gen en_US.UTF-8' - docker_env: - - LANG=en_US.UTF-8 - - LANGUAGE=en_US.UTF-8 - - LC_ALL=en_US.UTF-8 - docker_container_name: 'keycloak-debian10' -CONFIG: - log_level: debug - type: foss -ssh: - password: root - auth_methods: ["password"] - diff --git a/spec/acceptance/nodesets/el7.yml b/spec/acceptance/nodesets/el7.yml deleted file mode 100644 index 7ddcf4ff..00000000 --- a/spec/acceptance/nodesets/el7.yml +++ /dev/null @@ -1,26 +0,0 @@ -HOSTS: - centos-7: - roles: - - agent - platform: el-7-x86_64 - hypervisor: docker - image: centos:7 - docker_preserve_image: true - docker_cmd: - - '/usr/sbin/init' - docker_image_commands: - - 'yum install -y wget which cronie iproute initscripts' - - 'wget --no-check-certificate https://copr.fedorainfracloud.org/coprs/jsynacek/systemd-backports-for-centos-7/repo/epel-7/jsynacek-systemd-backports-for-centos-7-epel-7.repo -O /etc/yum.repos.d/jsynacek-systemd-centos-7.repo' - - 'yum update -y systemd' - docker_env: - - LANG=en_US.UTF-8 - - LANGUAGE=en_US.UTF-8 - - LC_ALL=en_US.UTF-8 - docker_container_name: 'keycloak-el7' -CONFIG: - log_level: debug - type: foss -ssh: - password: root - auth_methods: ["password"] - diff --git a/spec/acceptance/nodesets/ubuntu-1804.yml b/spec/acceptance/nodesets/ubuntu-1804.yml deleted file mode 100644 index f16a93b0..00000000 --- a/spec/acceptance/nodesets/ubuntu-1804.yml +++ /dev/null @@ -1,25 +0,0 @@ -HOSTS: - ubuntu1804: - roles: - - agent - platform: ubuntu-18.04-amd64 - hypervisor : docker - image: ubuntu:18.04 - docker_preserve_image: true - docker_cmd: '["/sbin/init"]' - docker_image_commands: - - "rm -f /etc/dpkg/dpkg.cfg.d/excludes" - - 'apt-get install -y wget net-tools iproute2 locales apt-transport-https ca-certificates lsb-release' - - 'locale-gen en_US.UTF-8' - docker_env: - - LANG=en_US.UTF-8 - - LANGUAGE=en_US.UTF-8 - - LC_ALL=en_US.UTF-8 - docker_container_name: 'keycloak-ubuntu1804' -CONFIG: - log_level: debug - type: foss -ssh: - password: root - auth_methods: ["password"] - diff --git a/spec/classes/init_spec.rb b/spec/classes/init_spec.rb index 7bf21866..7b503e98 100644 --- a/spec/classes/init_spec.rb +++ b/spec/classes/init_spec.rb @@ -8,7 +8,7 @@ let(:facts) do facts.merge(concat_basedir: '/dne') end - let(:version) { '21.0.1' } + let(:version) { '22.0.0' } case facts[:osfamily] when %r{RedHat} diff --git a/spec/defines/spi_deployment_spec.rb b/spec/defines/spi_deployment_spec.rb index d479e681..4a5e2c0b 100644 --- a/spec/defines/spi_deployment_spec.rb +++ b/spec/defines/spi_deployment_spec.rb @@ -8,7 +8,7 @@ let(:facts) do facts.merge(concat_basedir: '/dne') end - let(:version) { '21.0.1' } + let(:version) { '22.0.0' } let(:title) { 'duo-spi' } let(:params) { { deployed_name: 'keycloak-duo-spi-jar-with-dependencies.jar', source: 'https://example.com/files/keycloak-duo-spi-jar-with-dependencies.jar' } } diff --git a/spec/spec_helper.rb b/spec/spec_helper.rb index 036b5f84..7272754c 100644 --- a/spec/spec_helper.rb +++ b/spec/spec_helper.rb @@ -25,7 +25,7 @@ next unless File.exist?(f) && File.readable?(f) && File.size?(f) begin - default_facts.merge!(YAML.safe_load(File.read(f), [], [], true)) + default_facts.merge!(YAML.safe_load(File.read(f))) rescue StandardError => e RSpec.configuration.reporter.message "WARNING: Unable to load #{f}: #{e}" end diff --git a/spec/spec_helper_acceptance_setup.rb b/spec/spec_helper_acceptance_setup.rb index adc760d4..895ad96e 100644 --- a/spec/spec_helper_acceptance_setup.rb +++ b/spec/spec_helper_acceptance_setup.rb @@ -3,7 +3,7 @@ RSpec.configure do |c| c.add_setting :keycloak_version keycloak_version = if ENV['BEAKER_keycloak_version'].nil? || ENV['BEAKER_keycloak_version'].empty? - '21.0.1' + '22.0.0' else ENV['BEAKER_keycloak_version'] end @@ -27,26 +27,17 @@ - name: "Common" path: "common.yaml" HIERA_YAML -centos7_yaml = <<-EL7_YAML -postgresql::server::service_reload: 'systemctl reload postgresql 2>/dev/null 1>/dev/null' -EL7_YAML -ubuntu1804_yaml = <<-UBUNTU18_YAML -keycloak::db: mysql -UBUNTU18_YAML common_yaml = <<-COMMON_YAML --- keycloak::version: '#{RSpec.configuration.keycloak_version}' keycloak::http_host: '127.0.0.1' keycloak::db: mariadb keycloak::proxy: edge +# Force only listen on IPv4 for testing +keycloak::java_opts: '-Djava.net.preferIPv4Stack=true' postgresql::server::service_status: 'service postgresql status 2>/dev/null 1>/dev/null' COMMON_YAML create_remote_file(hosts, '/etc/puppetlabs/puppet/hiera.yaml', hiera_yaml) on hosts, 'mkdir -p /etc/puppetlabs/puppet/data' create_remote_file(hosts, '/etc/puppetlabs/puppet/data/common.yaml', common_yaml) -on hosts, 'mkdir -p /etc/puppetlabs/puppet/data/os/CentOS' -create_remote_file(hosts, '/etc/puppetlabs/puppet/data/os/CentOS/7.yaml', centos7_yaml) -on hosts, 'mkdir -p /etc/puppetlabs/puppet/data/os/Ubuntu' -create_remote_file(hosts, '/etc/puppetlabs/puppet/data/os/Ubuntu/18.04.yaml', ubuntu1804_yaml) -on hosts, 'mkdir -p /etc/puppetlabs/puppet/data/os/Debian' diff --git a/spec/unit/puppet/type/keycloak_ldap_user_provider_spec.rb b/spec/unit/puppet/type/keycloak_ldap_user_provider_spec.rb index 0f2c7e18..66ed428b 100644 --- a/spec/unit/puppet/type/keycloak_ldap_user_provider_spec.rb +++ b/spec/unit/puppet/type/keycloak_ldap_user_provider_spec.rb @@ -79,8 +79,8 @@ }.to raise_error(%r{foo}) end - it 'defaults to use_truststore_spi=ldapsOnly' do - expect(resource[:use_truststore_spi]).to eq('ldapsOnly') + it 'defaults to use_truststore_spi=always' do + expect(resource[:use_truststore_spi]).to eq('always') end it 'does not allow invalid use_truststore_spi' do