Support Keycloak 22, Drop EL7 and Ubuntu 18.04

EL7 doesn't have new enough OpenJDK and Ubuntu 18.04 is EOL The use_truststore_spi propery for keycloak_ldap_user_provider has default switched to 'always' and 'ldapsOnly' option removed
treydock · Jul 15, 2023 · c3ab677 · c3ab677
1 parent e5d93e8
commit c3ab677
Show file tree

Hide file tree

Showing 15 changed files with 31 additions and 108 deletions.
diff --git a/.github/workflows/ci.yaml b/.github/workflows/ci.yaml
@@ -35,11 +35,10 @@ jobs:
  env:
  BUNDLE_WITHOUT: system_tests:release
  PUPPET_GEM_VERSION: "~> ${{ matrix.puppet }}.0"
- FACTER_GEM_VERSION: "< 4.0"
  FIXTURES_YML: ${{ matrix.fixtures }}
  name: Puppet ${{ matrix.puppet }} (Ruby ${{ matrix.ruby }} fixtures=${{ matrix.fixtures }})
  steps:
- - uses: actions/checkout@v2
+ - uses: actions/checkout@v3
  - name: Setup ruby
  uses: ruby/setup-ruby@v1
  with:
@@ -57,7 +56,6 @@ jobs:
  fail-fast: false
  matrix:
  set:
- - "el7"
  - "el8"
  - "el9"
  - "debian-10"
@@ -69,17 +67,17 @@ jobs:
  - "puppet6"
  - "puppet7"
  keycloak_version:
- - "21.0.1"
+ - "22.0.0"
  keycloak_full:
  - "no"
  include:
  - set: "el8"
  puppet: "puppet6"
- keycloak_version: "21.0.1"
+ keycloak_version: "22.0.0"
  keycloak_full: "yes"
  - set: "el8"
  puppet: "puppet7"
- keycloak_version: "21.0.1"
+ keycloak_version: "22.0.0"
  keycloak_full: "yes"
  env:
  BUNDLE_WITHOUT: development:release
@@ -98,7 +96,7 @@ jobs:
  sudo apt-get update
  sudo apt-get install apparmor-profiles
  sudo apparmor_parser -R /etc/apparmor.d/usr.sbin.mysqld
- - uses: actions/checkout@v2
+ - uses: actions/checkout@v3
  - name: Setup ruby
  uses: ruby/setup-ruby@v1
  with:

diff --git a/.github/workflows/release.yaml b/.github/workflows/release.yaml
@@ -14,7 +14,7 @@ jobs:
  runs-on: ubuntu-latest
  steps:
  - name: Checkout repository
- uses: actions/checkout@v2
+ uses: actions/checkout@v3
  - name: Setup Ruby
  uses: ruby/setup-ruby@v1
  with:

diff --git a/.sync.yml b/.sync.yml
@@ -15,7 +15,7 @@ Rakefile:
  acceptance_name: '${{ matrix.puppet }} ${{ matrix.set }} (keycloak=${{ matrix.keycloak_version }} full=${{ matrix.keycloak_full }})'
  acceptance_matrix:
  set:
- - el7
+ - ---el7
  - el8
  - el9
  - debian-10
@@ -26,17 +26,18 @@ Rakefile:
  puppet:
  - puppet6
  - puppet7
+ - ---puppet8
  keycloak_version:
- - '21.0.1'
+ - '22.0.0'
  keycloak_full: ['no']
  acceptance_includes:
  - set: el8
  puppet: puppet6
- keycloak_version: 21.0.1
+ keycloak_version: 22.0.0
  keycloak_full: 'yes'
  - set: el8
  puppet: puppet7
- keycloak_version: 21.0.1
+ keycloak_version: 22.0.0
  keycloak_full: 'yes'
 .gitignore:
  paths:
@@ -52,17 +53,14 @@ Rakefile:
  Enabled: false
 appveyor.yml:
  delete: true
-spec/acceptance/nodesets/debian-9.yml:
+spec/acceptance/nodesets/el7.yml:
  delete: true
 spec/acceptance/nodesets/debian-10.yml:
  packages:
  - iproute2
 spec/acceptance/nodesets/debian-11.yml:
  packages:
  - iproute2
-spec/acceptance/nodesets/ubuntu-1804.yml:
- packages:
- - iproute2
 spec/acceptance/nodesets/ubuntu-2004.yml:
  packages:
  - iproute2

diff --git a/README.md b/README.md
@@ -174,6 +174,7 @@ This module may work on earlier versions but this is the only version tested.
 | 18.x | 8.x |
 | 19.x - 21.x | 9.x |
 | 21.x | 10.x |
+| 22.x | 11.x |
 
 ## Usage
 
@@ -189,18 +190,18 @@ Install a specific version of Keycloak.
 
 ```puppet
 class { 'keycloak':
- version => '18.0.0',
+ version => '22.0.0',
  db => 'mariadb',
 }
 ```
 
 Upgrading Keycloak version works by changing `version` parameter as long as the `db` parameter is not the default of `dev-file`. An upgrade involves installing the new version without touching the old version, updating the symlink which defaults to `/opt/keycloak`, applying all changes to new version and then restarting the `keycloak` service.
 
-If the previous `version` was `18.0.0` using the following will upgrade to `19.0.0`:
+If the previous `version` was `22.0.0` using the following will upgrade to `23.0.0`:
 
 ```puppet
 class { 'keycloak':
- version => '19.0.0',
+ version => '23.0.0',
  db => 'mariadb',
 }
 ```

diff --git a/data/os/RedHat/7.yaml b/data/os/RedHat/7.yaml
diff --git a/lib/puppet/type/keycloak_ldap_user_provider.rb b/lib/puppet/type/keycloak_ldap_user_provider.rb
@@ -73,8 +73,8 @@
 
  newproperty(:use_truststore_spi) do
  desc 'useTruststoreSpi'
- defaultto 'ldapsOnly'
- newvalues('always', 'ldapsOnly', 'never')
+ defaultto 'always'
+ newvalues('always', 'never')
  munge { |v| v }
  end
 

diff --git a/manifests/init.pp b/manifests/init.pp
@@ -214,15 +214,15 @@
 # Only necessary to set if the URL path to Keycloak is modified
 class keycloak (
  Boolean $manage_install = true,
- String $version = '21.0.1',
+ String $version = '22.0.0',
  Optional[Variant[Stdlib::HTTPUrl, Stdlib::HTTPSUrl]] $package_url= undef,
  Optional[Stdlib::Absolutepath] $install_dir = undef,
  Array[String[1]] $java_package_dependencies = [],
  Enum['include','class'] $java_declare_method = 'class',
- String[1] $java_package = 'java-11-openjdk-devel',
- Stdlib::Absolutepath $java_home = '/usr/lib/jvm/java-11-openjdk',
- Stdlib::Absolutepath $java_alternative_path = '/usr/lib/jvm/java-11-openjdk/bin/java',
- String[1] $java_alternative = '/usr/lib/jvm/java-11-openjdk/bin/java',
+ String[1] $java_package = 'java-17-openjdk-devel',
+ Stdlib::Absolutepath $java_home = '/usr/lib/jvm/java-17-openjdk',
+ Stdlib::Absolutepath $java_alternative_path = '/usr/lib/jvm/java-17-openjdk/bin/java',
+ String[1] $java_alternative = '/usr/lib/jvm/java-17-openjdk/bin/java',
  String $service_name = 'keycloak',
  String $service_ensure = 'running',
  Boolean $service_enable = true,

diff --git a/metadata.json b/metadata.json
@@ -41,17 +41,10 @@
  {
  "operatingsystem": "RedHat",
  "operatingsystemrelease": [
- "7",
  "8",
  "9"
  ]
  },
- {
- "operatingsystem": "CentOS",
- "operatingsystemrelease": [
- "7"
- ]
- },
  {
  "operatingsystem": "Rocky",
  "operatingsystemrelease": [
@@ -76,7 +69,6 @@
  {
  "operatingsystem": "Ubuntu",
  "operatingsystemrelease": [
- "18.04",
  "20.04",
  "22.04"
  ]
@@ -88,7 +80,7 @@
  "version_requirement": ">= 6.0.0 < 8.0.0"
  }
  ],
- "pdk-version": "2.1.0",
+ "pdk-version": "2.7.1",
  "template-url": "https://github.com/treydock/pdk-templates.git#master",
- "template-ref": "heads/master-0-gbfcd6dd"
+ "template-ref": "heads/master-0-g70732db"
 }
diff --git a/spec/acceptance/nodesets/el7.yml b/spec/acceptance/nodesets/el7.yml
diff --git a/spec/acceptance/nodesets/ubuntu-1804.yml b/spec/acceptance/nodesets/ubuntu-1804.yml
diff --git a/spec/classes/init_spec.rb b/spec/classes/init_spec.rb
@@ -8,7 +8,7 @@
  let(:facts) do
  facts.merge(concat_basedir: '/dne')
  end
- let(:version) { '21.0.1' }
+ let(:version) { '22.0.0' }
 
  case facts[:osfamily]
  when %r{RedHat}

diff --git a/spec/defines/spi_deployment_spec.rb b/spec/defines/spi_deployment_spec.rb
@@ -8,7 +8,7 @@
  let(:facts) do
  facts.merge(concat_basedir: '/dne')
  end
- let(:version) { '21.0.1' }
+ let(:version) { '22.0.0' }
  let(:title) { 'duo-spi' }
  let(:params) { { deployed_name: 'keycloak-duo-spi-jar-with-dependencies.jar', source: 'https://example.com/files/keycloak-duo-spi-jar-with-dependencies.jar' } }
 

diff --git a/spec/spec_helper.rb b/spec/spec_helper.rb
@@ -25,7 +25,7 @@
  next unless File.exist?(f) && File.readable?(f) && File.size?(f)
 
  begin
- default_facts.merge!(YAML.safe_load(File.read(f), [], [], true))
+ default_facts.merge!(YAML.safe_load(File.read(f)))
  rescue StandardError => e
  RSpec.configuration.reporter.message "WARNING: Unable to load #{f}: #{e}"
  end

diff --git a/spec/spec_helper_acceptance_setup.rb b/spec/spec_helper_acceptance_setup.rb
@@ -3,7 +3,7 @@
 RSpec.configure do |c|
  c.add_setting :keycloak_version
  keycloak_version = if ENV['BEAKER_keycloak_version'].nil? || ENV['BEAKER_keycloak_version'].empty?
- '21.0.1'
+ '22.0.0'
  else
  ENV['BEAKER_keycloak_version']
  end
@@ -27,12 +27,6 @@
  - name: "Common"
  path: "common.yaml"
 HIERA_YAML
-centos7_yaml = <<-EL7_YAML
-postgresql::server::service_reload: 'systemctl reload postgresql 2>/dev/null 1>/dev/null'
-EL7_YAML
-ubuntu1804_yaml = <<-UBUNTU18_YAML
-keycloak::db: mysql
-UBUNTU18_YAML
 common_yaml = <<-COMMON_YAML
 ---
 keycloak::version: '#{RSpec.configuration.keycloak_version}'
@@ -45,8 +39,3 @@
 create_remote_file(hosts, '/etc/puppetlabs/puppet/hiera.yaml', hiera_yaml)
 on hosts, 'mkdir -p /etc/puppetlabs/puppet/data'
 create_remote_file(hosts, '/etc/puppetlabs/puppet/data/common.yaml', common_yaml)
-on hosts, 'mkdir -p /etc/puppetlabs/puppet/data/os/CentOS'
-create_remote_file(hosts, '/etc/puppetlabs/puppet/data/os/CentOS/7.yaml', centos7_yaml)
-on hosts, 'mkdir -p /etc/puppetlabs/puppet/data/os/Ubuntu'
-create_remote_file(hosts, '/etc/puppetlabs/puppet/data/os/Ubuntu/18.04.yaml', ubuntu1804_yaml)
-on hosts, 'mkdir -p /etc/puppetlabs/puppet/data/os/Debian'
diff --git a/spec/unit/puppet/type/keycloak_ldap_user_provider_spec.rb b/spec/unit/puppet/type/keycloak_ldap_user_provider_spec.rb
@@ -79,8 +79,8 @@
  }.to raise_error(%r{foo})
  end
 
- it 'defaults to use_truststore_spi=ldapsOnly' do
- expect(resource[:use_truststore_spi]).to eq('ldapsOnly')
+ it 'defaults to use_truststore_spi=always' do
+ expect(resource[:use_truststore_spi]).to eq('always')
  end
 
  it 'does not allow invalid use_truststore_spi' do