This commit runs `pdk update` using the most recent template at the
time (2.7.1) and updates metadata.json to allow Puppet versions
< 9.0.0 in preparation for the release of Puppet 8.
Aria Li [Mon, 17 Oct 2022 20:38:23 +0000 (13:38 -0700)]
(MODULES-11355) Update macOS runners to use more recent macOS version
GitHub announced they are deprecating macOS 10.15 runners for GitHub Actions by 12/1/2022. This PR migrates puppetlabs-sshkeys_core's GitHub Actions off of macOS 10.15.
We've had periodic failures in tests using the nightly gem,
potentially due to timing issues. This adds a simple shell loop
to retry downloading and installing the nightly gem.
Gabriel Nagy [Thu, 11 Mar 2021 14:36:09 +0000 (16:36 +0200)]
(MODULES-10953) Update metadata.json and pdk version
To avoid having to update this everytime we release a new agent
platform, it should be enough to specify the supported OS, without
specific versions. It is assumed that for each OS in metadata.json, the
versions supported are the same as what the agent itself supports.
Gabriel Nagy [Thu, 18 Feb 2021 13:55:43 +0000 (15:55 +0200)]
(maint) Pin puppet-module-gems
Pin puppet-module-posix-system and puppet-module-win-system to an older
version since the newer ones do not bundle some gems that we use in
acceptance (i.e. beaker-module_install_helper), causing tests to fail.
Gabriel Nagy [Thu, 18 Feb 2021 13:53:50 +0000 (15:53 +0200)]
(MODULES-10945) Do not install PDK when running PR tests
Create a separate group in the Gemfile for pdk and puppet-blacksmith
which are only used for releasing. In the workflow, avoid installing the
release group.
Luchian Nemes [Tue, 6 Oct 2020 06:27:12 +0000 (09:27 +0300)]
(maint) Add pdk and blacksmith back in Gemfile
During the removal of `puppet-module-dev`, the pdk and puppet-blacksmith
gems were also removed by mistake. This commit makes us able to release
again.
Using module https://github.com/ghoneycutt/puppet-module-ssh to export
and collect sshkey resources from nodes, an 'already declared' error
appears.
This happened because when the catalog is first converted to resouces,
the sshkey resource is added via
https://github.com/puppetlabs/puppet/blob/main/lib/puppet/resource/catalog.rb#L137,
where 'resource.ref'(https://github.com/puppetlabs/puppet/blob/main/lib/puppet/type.rb#L2548)
uses 'self.title'.
Since self.title goes to the title method defined in type.rb, it will
return a different title than the title method from
https://github.com/puppetlabs/puppetlabs-sshkeys_core/blob/main/lib/puppet/provider/sshkey/parsed.rb#L31.
This mismatch try to add both resource, resulting in the 'already
declared' error.
Luchian Nemes [Tue, 8 Sep 2020 14:48:41 +0000 (17:48 +0300)]
(MODULES-10800) Add GitHub Actions workflows
Added GitHub Actions workflows for `Static Code Analysis` and `Unit
Tests` that run each time there is a new `pull request` or `git push`.
`Unit tests` are also set to run every workday at `05:00:00 UTC`.
The `.yaml` config files of `Travis` and `AppVeyor` have been removed.
Luchian Nemes [Tue, 8 Sep 2020 14:48:03 +0000 (17:48 +0300)]
(maint) Remove 'puppet-module-dev' gem dependency
In preparation for the Puppet 7 release, the
`puppet-module-posix-dev-r2.7` and `puppet-module-posix-dev-r2.7` gems
had to be removed from `Gemfile` due to the following dependency error:
`puppet-module-posix-dev-r2.7` depends on
`puppet_litmus` which depends on
`bolt` which depends on
`puppet` which is locked to a version below 7
Also added the needed gems that were lost in the above removal process.
Gabriel Nagy [Wed, 27 May 2020 14:01:20 +0000 (17:01 +0300)]
(PUP-10510) Fix sshkeys not being correctly purged
After adding support for composite namevars in version 2.0.0, the module
lost the ability to purge sshkeys. This happens due to Puppet being
unable to correctly match the names and types of the sshkeys to be
purged.
Part of the fix was done in
https://github.com/puppetlabs/puppet/pull/8174, which changes how a
resource is initialized if the provider implements a `title` method.
Additionally, we add the key name and type to be included in the output
shown by `puppet resource`.
Gabriel Nagy [Tue, 13 Aug 2019 09:41:03 +0000 (12:41 +0300)]
(MODULES-9578) Create authorized_key in root path
Previously, when the `target` property was set, the ssh_authorized_key
resource could not create directories/files within root-owned paths.
This behavior is due to the module switching context to the user, then
attempting to create the directory/file as the specified user,
ultimately failing because of insufficient permissions.
This commit adds a new parameter, `drop_privileges` which when set to
false allows the module to write a ssh_authorized_key file in a
privileged path. Due to the possible security implications of this,
the parameter must be manually specified in order to activate this
functionality.
A path is considered to be privileged/trusted if all of its ancestors:
- do not contain any symlinks
- have the same owner as the user who runs Puppet
- are not world/group writable
projects / puppet-sshkeys_core.git / log