pdk validate auto correction

manifests/addtogit.pp

@@ -9,52 +9,50 @@
   String $passphrase,
   String $reponame,
 ) {
-
-  include ::borgbackup::git
+  include borgbackup::git
 
   $gpg_home = $borgbackup::git::gpg_home
   $git_home = $borgbackup::git::git_home
   $configdir = $borgbackup::git::configdir
 
   $keys=join(
     [
-      "--recipient 'borg ${::fqdn}' --recipient ",
+      "--recipient 'borg ${facts['networking']['fqdn']}' --recipient ",
       $borgbackup::git::gpg_keys.keys().join(' --recipient '),
     ],''
   )
 
   # set exec defaults
   Exec {
-    environment => [ "GNUPGHOME=${gpg_home}" ],
+    environment => ["GNUPGHOME=${gpg_home}"],
     path        => '/usr/bin:/usr/sbin:/bin',
     notify      => Exec['commit git repo'],
   }
 
-
   if $passphrase == 'random' {
     # just create the file if it does non exist, or we cannot decrypt it
     exec { "create passphrase file ${title}":
       # lint:ignore:140chars
-      command => "cat /dev/random |tr -dc _A-Z-a-z-0-9 | head -c30 | gpg --encrypt --always-trust ${keys} > ${git_home}/${::fqdn}/${reponame}_pass.gpg",
+      command => "cat /dev/random |tr -dc _A-Z-a-z-0-9 | head -c30 | gpg --encrypt --always-trust ${keys} > ${git_home}/${facts['networking']['fqdn']}/${reponame}_pass.gpg",
       # lint:endignore
-      require => [Exec["create gpg private key for ${::fqdn}"], File["${git_home}/${::fqdn}"]],
+      require => [Exec["create gpg private key for ${facts['networking']['fqdn']}"], File["${git_home}/${facts['networking']['fqdn']}"]],
       before  => Exec["initialize borg repo ${reponame}"],
       unless  => [
         # we cannot decrypt the file (so it's probably the same host, newly setup, or file does not exist
-        "gpg --decrypt -v --output /dev/null ${git_home}/${::fqdn}/${reponame}_pass.gpg",
+        "gpg --decrypt -v --output /dev/null ${git_home}/${facts['networking']['fqdn']}/${reponame}_pass.gpg",
       ],
     }
   } else {
     # passphrase is explicitly set.
     $md5_passphrase = md5("${passphrase}\n")
 
     exec { "create passphrase file ${title}":
-      command => "echo ${passphrase} | gpg --encrypt --always-trust ${keys} > ${git_home}/${::fqdn}/${reponame}_pass.gpg",
-      require => [Exec["create gpg private key for ${::fqdn}"], File["${git_home}/${::fqdn}"]],
+      command => "echo ${passphrase} | gpg --encrypt --always-trust ${keys} > ${git_home}/${facts['networking']['fqdn']}/${reponame}_pass.gpg",
+      require => [Exec["create gpg private key for ${facts['networking']['fqdn']}"], File["${git_home}/${facts['networking']['fqdn']}"]],
       before  => Exec["initialize borg repo ${reponame}"],
       unless  => [
         # check if file contains passphrase
-        "gpg -q --decrypt ${git_home}/${::fqdn}/${reponame}_pass.gpg |md5sum| grep -e '^${md5_passphrase}'",
+        "gpg -q --decrypt ${git_home}/${facts['networking']['fqdn']}/${reponame}_pass.gpg |md5sum| grep -e '^${md5_passphrase}'",
       ],
     }
   } # end if $passphrase == 'random'
@@ -66,32 +64,31 @@
 
   # lint:ignore:140chars
   exec { "reencrypt passphrase file ${title}":
-    command => "gpg --decrypt ${git_home}/${::fqdn}/${reponame}_pass.gpg | gpg --encrypt --always-trust ${keys} > ${git_home}/${::fqdn}/${reponame}_pass.gpg",
+    command => "gpg --decrypt ${git_home}/${facts['networking']['fqdn']}/${reponame}_pass.gpg | gpg --encrypt --always-trust ${keys} > ${git_home}/${facts['networking']['fqdn']}/${reponame}_pass.gpg",
     require => Exec["create passphrase file ${title}"],
     unless  => [
       # check if file is encrypted with correct keys
-      "gpg --decrypt -v --output /dev/null ${git_home}/${::fqdn}/${reponame}_pass.gpg 2>&1 |sed -n 's/^ .*<\\(.*\\)>\"$/\\L\\1/p'|sort|md5sum|grep -e '^${md5_keys}'",
+      "gpg --decrypt -v --output /dev/null ${git_home}/${facts['networking']['fqdn']}/${reponame}_pass.gpg 2>&1 |sed -n 's/^ .*<\\(.*\\)>\"$/\\L\\1/p'|sort|md5sum|grep -e '^${md5_keys}'",
     ],
   }
 
   exec { "create key file ${title}":
-    command  => "${configdir}/repo_${reponame}.sh exportkey | gpg --encrypt --always-trust ${keys} > ${git_home}/${::fqdn}/${reponame}_keyfile.gpg",
-    require  => [Exec["initialize borg repo ${reponame}", "create gpg private key for ${::fqdn}"], File["${git_home}/${::fqdn}"]],
+    command  => "${configdir}/repo_${reponame}.sh exportkey | gpg --encrypt --always-trust ${keys} > ${git_home}/${facts['networking']['fqdn']}/${reponame}_keyfile.gpg",
+    require  => [Exec["initialize borg repo ${reponame}", "create gpg private key for ${facts['networking']['fqdn']}"], File["${git_home}/${facts['networking']['fqdn']}"]],
     provider => 'shell',
     unless   => [
       # check if file contains key
-      "A=`${configdir}/repo_${reponame}.sh exportkey|md5sum`; gpg --decrypt --output - ${git_home}/${::fqdn}/${reponame}_keyfile.gpg |md5sum|grep \$A",
+      "A=`${configdir}/repo_${reponame}.sh exportkey|md5sum`; gpg --decrypt --output - ${git_home}/${facts['networking']['fqdn']}/${reponame}_keyfile.gpg |md5sum|grep \$A",
     ],
   }
 
   exec { "reencrypt key file ${title}":
-    command => "gpg --decrypt ${git_home}/${::fqdn}/${reponame}_keyfile.gpg | gpg --encrypt --always-trust ${keys} > ${git_home}/${::fqdn}/${reponame}_keyfile.gpg",
-    require => [Exec["initialize borg repo ${reponame}", "create gpg private key for ${::fqdn}","create key file ${title}"], File["${git_home}/${::fqdn}"]],
+    command => "gpg --decrypt ${git_home}/${facts['networking']['fqdn']}/${reponame}_keyfile.gpg | gpg --encrypt --always-trust ${keys} > ${git_home}/${facts['networking']['fqdn']}/${reponame}_keyfile.gpg",
+    require => [Exec["initialize borg repo ${reponame}", "create gpg private key for ${facts['networking']['fqdn']}","create key file ${title}"], File["${git_home}/${facts['networking']['fqdn']}"]],
     unless  => [
       # check if file is encrypted with correct keys 
-      "gpg --decrypt -v --output /dev/null ${git_home}/${::fqdn}/${reponame}_pass.gpg 2>&1 |sed -n 's/^ .*<\\(.*\\)>\"$/\\L\\1/p'|sort|md5sum|grep -e '^${md5_keys}'",
+      "gpg --decrypt -v --output /dev/null ${git_home}/${facts['networking']['fqdn']}/${reponame}_pass.gpg 2>&1 |sed -n 's/^ .*<\\(.*\\)>\"$/\\L\\1/p'|sort|md5sum|grep -e '^${md5_keys}'",
     ],
   }
   # lint:endignore
 }
-

manifests/archive.pp

@@ -71,7 +71,7 @@
 #   Defaults to ''
 #
 define borgbackup::archive (
-  String                   $reponame           = $::fqdn,
+  String                   $reponame           = $facts['networking']['fqdn'],
   String                   $archive_name       = $title,
   Array                    $pre_commands       = [],
   Array                    $post_commands      = [],
@@ -89,24 +89,23 @@
   Variant[String, Integer] $keep_weekly        = 4,
   Variant[String, Integer] $keep_monthly       = 6,
   Variant[String, Integer] $keep_yearly        = '',
-){
-
+) {
   if ($stdin_cmd != '' and $create_includes != []) or ($stdin_cmd != '' and $create_excludes != []) {
     fail('borgbackup::archive $stdin_cmd cannot be used together with $create_includes or $create_exclude')
   }
 
-  include ::borgbackup
+  include borgbackup
 
-  $configdir = $::borgbackup::configdir
+  $configdir = $borgbackup::configdir
 
-  concat::fragment{ "borgbackup::archive ${reponame} create ${archive_name}":
+  concat::fragment { "borgbackup::archive ${reponame} create ${archive_name}":
     target  => "${configdir}/repo_${reponame}.sh",
     content => template('borgbackup/archive_create.erb'),
     order   => "20-${title}",
   }
 
   if $do_prune {
-    concat::fragment{ "borgbackup::archive ${reponame} prune ${archive_name}":
+    concat::fragment { "borgbackup::archive ${reponame} prune ${archive_name}":
       target  => "${configdir}/repo_${reponame}.sh",
       content => template('borgbackup/archive_prune.erb'),
       order   => "70-${title}",

manifests/authorized_key.pp

@@ -63,7 +63,6 @@
   Array   $restricts              = ['restrict'],
   Hash    $env_vars               = {},
 ) {
-
   case $restrict_to_repository {
     'yes': {
       $_restrict_to_repository = " --restrict-to-repository ${backuproot}/${reponame}"
@@ -108,7 +107,7 @@
 
   $borg_cmd = "${command}${_restrict_to_path}${_restrict_to_repository}${_append_only}${_storage_quota}"
 
-  concat::fragment{ $title:
+  concat::fragment { $title:
     target  => $target,
     content => template('borgbackup/authorized_key.erb'),
     order   => $title,

manifests/git.pp

@@ -42,8 +42,7 @@
   String $git_home       = "${borgbackup::configdir}/git",
   String $git_author     = 'borgbackup <root@${::fqdn}>',  # lint:ignore:single_quote_string_with_variables
 ) inherits borgbackup {
-
-  Package[$packages] -> Exec["create gpg private key for ${::fqdn}"]
+  Package[$packages] -> Exec["create gpg private key for ${facts['networking']['fqdn']}"]
   Package[$packages] -> Exec['setup git repo']
 
   ensure_packages($packages)
@@ -59,21 +58,21 @@
     mode   => '0700',
   }
 
-  exec { "create gpg private key for ${::fqdn}":
-    environment => [ "GNUPGHOME=${gpg_home}" ],
+  exec { "create gpg private key for ${facts['networking']['fqdn']}":
+    environment => ["GNUPGHOME=${gpg_home}"],
     path        => '/usr/bin:/usr/sbin:/bin',
-    command     => "gpg --quick-generate-key --batch --passphrase '' 'borg ${::fqdn}'",
-    unless      => "gpg --list-keys 'borg ${::fqdn}'",
+    command     => "gpg --quick-generate-key --batch --passphrase '' 'borg ${facts['networking']['fqdn']}'",
+    unless      => "gpg --list-keys 'borg ${facts['networking']['fqdn']}'",
     require     => File[$gpg_home],
   }
 
   $gpg_keys.each | $name, $gpgkey | {
     exec { "add gpg key ${name}":
-      environment => [ "GNUPGHOME=${gpg_home}" ],
+      environment => ["GNUPGHOME=${gpg_home}"],
       path        => '/usr/bin:/usr/sbin:/bin',
       command     => "echo \"${gpgkey}\"| gpg --import",
       unless      => "gpg --list-keys ${name}",
-      require     => [ File[$gpg_home], Exec["create gpg private key for ${::fqdn}"] ],
+      require     => [File[$gpg_home], Exec["create gpg private key for ${facts['networking']['fqdn']}"]],
     }
   }
 
@@ -99,15 +98,15 @@
     }
 
     exec { 'setup git repo':
-      environment => [ "GIT_SSH_COMMAND=ssh -i ${borgbackup::configdir}/.ssh/gitrepo_key" ],
+      environment => ["GIT_SSH_COMMAND=ssh -i ${borgbackup::configdir}/.ssh/gitrepo_key"],
       path        => '/usr/bin:/usr/sbin:/bin',
       command     => "git clone ${gitrepo} ${git_home}",
       creates     => $git_home,
       require     => File["${borgbackup::configdir}/.ssh/gitrepo_key"],
     }
 
     exec { 'pull git repo':
-      environment => [ "GIT_SSH_COMMAND=ssh -i ${borgbackup::configdir}/.ssh/gitrepo_key" ],
+      environment => ["GIT_SSH_COMMAND=ssh -i ${borgbackup::configdir}/.ssh/gitrepo_key"],
       path        => '/usr/bin:/usr/sbin:/bin',
       cwd         => $git_home,
       command     => 'git pull --rebase',
@@ -117,7 +116,7 @@
     }
 
     exec { 'push git repo':
-      environment => [ "GIT_SSH_COMMAND=ssh -i ${borgbackup::configdir}/.ssh/gitrepo_key" ],
+      environment => ["GIT_SSH_COMMAND=ssh -i ${borgbackup::configdir}/.ssh/gitrepo_key"],
       path        => '/usr/bin:/usr/sbin:/bin',
       cwd         => $git_home,
       command     => 'git push',
@@ -127,7 +126,7 @@
     }
   }
 
-  file { "${git_home}/${::fqdn}":
+  file { "${git_home}/${facts['networking']['fqdn']}":
     ensure  => 'directory',
     owner   => 'root',
     group   => 'root',
@@ -136,12 +135,11 @@
   }
 
   exec { 'commit git repo':
-    environment => [ "GIT_SSH_COMMAND=ssh -i ${borgbackup::configdir}/.ssh/gitrepo_key" ],
+    environment => ["GIT_SSH_COMMAND=ssh -i ${borgbackup::configdir}/.ssh/gitrepo_key"],
     path        => '/usr/bin:/usr/sbin:/bin',
     cwd         => $git_home,
-    command     => "git add .;git commit --message 'autocommit on ${::fqdn}' --author='${git_author}'",
+    command     => "git add .;git commit --message 'autocommit on ${facts['networking']['fqdn']}' --author='${git_author}'",
     refreshonly => true,
     require     => Exec['setup git repo'],
   }
-
 }

manifests/init.pp

@@ -37,13 +37,12 @@
   Boolean $ensure_ssh_directory = true,
   String  $ssh_key_define       = '',
   Hash    $ssh_key_res          = {},
-  Hash    $repos                = {$::fqdn => {}},
+  Hash    $repos                = { $facts['networking']['fqdn'] => {} },
   String  $default_target       = '',
   Hash    $repos_defaults       = {},
   Hash    $archives             = {},
 ) {
-
-  include ::borgbackup::install
+  include borgbackup::install
 
   # create a configuration directory
   file { $configdir:

manifests/install.pp

@@ -15,9 +15,8 @@
 class borgbackup::install (
   Array  $packages       = ['borgbackup'],
   String $package_ensure = 'installed',
-){
-
-  package{ $packages:
+) {
+  package { $packages:
     ensure => $package_ensure,
     tag    => 'borgbackup',
   }

manifests/repo.pp

@@ -79,22 +79,21 @@
   String  $crontab_define = 'cron',
   Hash    $crontabs       = {},
   Optional[String] $check_host = undef,
-){
-
-  include ::borgbackup
+) {
+  include borgbackup
 
   if $check_host {
     # this function tries to open a tcp socket on port 22 (ssh) of server
     # if this fails, it sets the scoop to noop.
     borgbackup::noop_connection($check_host)
   }
 
-  $configdir = $::borgbackup::configdir
+  $configdir = $borgbackup::configdir
 
   if $passcommand == 'default' {
-    include ::borgbackup::git
+    include borgbackup::git
 
-    $_passcommand = "gpg --decrypt ${::borgbackup::git::git_home}/${::fqdn}/${reponame}_pass.gpg"
+    $_passcommand = "gpg --decrypt ${borgbackup::git::git_home}/${facts['networking']['fqdn']}/${reponame}_pass.gpg"
     $_env_vars = { 'GNUPGHOME' => $borgbackup::git::gpg_home } + $env_vars
     if $passphrase == '' {
       # default behaviour, save a random passphrase encrypted in git repo
@@ -107,7 +106,7 @@
     }
     # so add to git repo ...
     $add_gitrepo = {
-      "gitrepo-add-${::fqdn}-${reponame}" => {
+      "gitrepo-add-${facts['networking']['fqdn']}-${reponame}" => {
         passphrase => $_passphrase_to_git,
         reponame   => $reponame,
       },
@@ -124,7 +123,7 @@
     }
   }
 
-  exec{"initialize borg repo ${reponame}":
+  exec { "initialize borg repo ${reponame}":
     command => "${configdir}/repo_${reponame}.sh init",
     unless  => "${configdir}/repo_${reponame}.sh list",
     require => Concat["${configdir}/repo_${reponame}.sh"],
@@ -138,13 +137,13 @@
     mode  => '0700',
   }
 
-  concat::fragment{ "borgbackup::repo ${reponame} header":
+  concat::fragment { "borgbackup::repo ${reponame} header":
     target  => "${configdir}/repo_${reponame}.sh",
     content => template('borgbackup/repo_header.erb'),
     order   => '00-header',
   }
 
-  concat::fragment{ "borgbackup::repo ${name} footer":
+  concat::fragment { "borgbackup::repo ${name} footer":
     target  => "${configdir}/repo_${reponame}.sh",
     content => template('borgbackup/repo_footer.erb'),
     order   => '99-footer',

manifests/server.pp

@@ -32,7 +32,7 @@
 #   authorized-keys file
 #   defaults to {}
 #
-class borgbackup::server(
+class borgbackup::server (
   String  $backuproot               = '/srv/borgbackup',
   String  $borguser                  = 'borgbackup',
   String  $borggroup                = 'borgbackup',
@@ -42,10 +42,9 @@
   String  $authorized_keys_define   = 'borgbackup::authorized_key',
   Hash    $authorized_keys          = {},
   Hash    $authorized_keys_defaults = {},
-){
-
+) {
   if $user_ensure {
-    user{ $borguser:
+    user { $borguser:
       ensure     => present,
       comment    => 'borgbackup user',
       managehome => true,
@@ -69,7 +68,7 @@
         backuproot => $backuproot,
       }
     )
-    concat{ $authorized_keys_target:
+    concat { $authorized_keys_target:
       owner => $borguser,
       group => $borggroup,
       mode  => '0644',
@@ -85,5 +84,3 @@
     create_resources($authorized_keys_define, $authorized_keys, $_authorized_keys_defaults)
   }
 }
-
-

pdk.yaml

@@ -0,0 +1,2 @@
+---
+ignore: []