Major updates, see description (treydock#40)

Drop Globus v4 support - all parameters used by only Globus v4 are removed Drop Debian 10, Ubuntu 18.04 support Drop Puppet 6 support Add Debian 11, EL9, Ubuntu 22.04 support Add Puppet 8 support Update to support latest module dependencies
kuleuven · Nov 28, 2023 · d5096b2 · d5096b2
1 parent acbbbf9
commit d5096b2
Show file tree

Hide file tree

Showing 40 changed files with 192 additions and 1,501 deletions.
diff --git a/.fixtures.yml b/.fixtures.yml
@@ -10,6 +10,7 @@ fixtures:
       repo: puppetlabs/inifile
     firewall:
       repo: puppetlabs/firewall
+      ref: '6.0.0'
     yumrepo_core:
       repo: puppetlabs/yumrepo_core
     python:

diff --git a/.github/workflows/ci.yaml b/.github/workflows/ci.yaml
@@ -16,22 +16,21 @@ jobs:
       fail-fast: false
       matrix:
         include:
-          - ruby: 2.5.9
-            puppet: 6
+          - ruby: 2.7.7
+            puppet: 7
             fixtures: .fixtures.yml
             allow_failure: false
-          - ruby: 2.7.6
-            puppet: 7
+          - ruby: 3.2.2
+            puppet: 8
             fixtures: .fixtures.yml
             allow_failure: false
     env:
       BUNDLE_WITHOUT: system_tests:release
       PUPPET_GEM_VERSION: "~> ${{ matrix.puppet }}.0"
-      FACTER_GEM_VERSION: "< 4.0"
       FIXTURES_YML: ${{ matrix.fixtures }}
     name: Puppet ${{ matrix.puppet }} (Ruby ${{ matrix.ruby }})
     steps:
-      - uses: actions/checkout@v2
+      - uses: actions/checkout@v3
       - name: Setup ruby
         uses: ruby/setup-ruby@v1
         with:
@@ -51,12 +50,12 @@ jobs:
         set:
           - "el7"
           - "el8"
-          - "debian-10"
-          - "ubuntu-1804"
+          - "debian-11"
           - "ubuntu-2004"
+          - "ubuntu-2204"
         puppet:
-          - "puppet6"
           - "puppet7"
+          - "puppet8"
     env:
       BUNDLE_WITHOUT: development:release
       BEAKER_debug: true
@@ -66,7 +65,15 @@ jobs:
         run: |
           echo '{"ipv6":true,"fixed-cidr-v6":"2001:db8:1::/64"}' | sudo tee /etc/docker/daemon.json
           sudo service docker restart
-      - uses: actions/checkout@v2
+      # https://github.com/actions/virtual-environments/issues/181#issuecomment-610874237
+      - name: apparmor
+        run: |
+            set -x
+            sudo apt-get remove mysql-server --purge
+            sudo apt-get update
+            sudo apt-get install apparmor-profiles
+            sudo apparmor_parser -R /etc/apparmor.d/usr.sbin.mysqld
+      - uses: actions/checkout@v3
       - name: Setup ruby
         uses: ruby/setup-ruby@v1
         with:

diff --git a/.github/workflows/release.yaml b/.github/workflows/release.yaml
@@ -14,7 +14,7 @@ jobs:
     runs-on: ubuntu-latest
     steps:
       - name: Checkout repository
-        uses: actions/checkout@v2
+        uses: actions/checkout@v3
       - name: Setup Ruby
         uses: ruby/setup-ruby@v1
         with:

diff --git a/.sync.yml b/.sync.yml
@@ -5,12 +5,12 @@
       - el7
       - el8
       - ---el9
-      - debian-10
-      - ubuntu-1804
+      - debian-11
       - ubuntu-2004
+      - ubuntu-2204
     puppet:
-      - puppet6
       - puppet7
+      - puppet8
 .rubocop.yml:
   profiles:
     strict:
@@ -27,9 +27,3 @@ spec/acceptance/nodesets/el7.yml:
   extra_commands:
     - 'echo "LC_ALL=en_US.UTF-8" >> /etc/environment'
     - 'echo "LANG=en_US.UTF-8" > /etc/locale.conf'
-spec/acceptance/nodesets/el9.yml:
-  delete: true
-spec/acceptance/nodesets/debian-11.yml:
-  delete: true
-spec/acceptance/nodesets/ubuntu-2204.yml:
-  delete: true
diff --git a/Gemfile b/Gemfile
@@ -17,7 +17,7 @@ ruby_version_segments = Gem::Version.new(RUBY_VERSION.dup).segments
 minor_version = ruby_version_segments[0..1].join('.')
 
 group :development do
-  gem "voxpupuli-test", '5.4.1',    require: false
+  gem "voxpupuli-test", '7.0.0',    require: false
   gem "faraday", '~> 1.0',          require: false
   gem "github_changelog_generator", require: false
   gem "puppet-blacksmith",          require: false

diff --git a/README.md b/README.md
@@ -9,24 +9,14 @@ This module manages Globus Connect Server.
 
 ### Supported Versions of Globus
 
-Currently this module supports Globus 4.x and 5.4.
+Currently this module supports Globus 5.4.
 
 | Globus Version | Globus Puppet module versions |
 | -------------- | ----------------------------- |
 | 4.x            | 3.x                           |
 | 4.x & 5.3      | 4.x                           |
-| 4.x & 5.4      | 5.x-7.x                       |
-
-
-### Upgrading to module version 5.x
-
-Going from a version of this module prior to 5.0.0 to 5.x and using Globus v5 requires manual upgrade be performed.
-
-See [Globus v5.4 Migration Guide](https://docs.globus.org/globus-connect-server/v5.4/migration-guide/) for details.
-
-For sites using Globus v4 it's necessary to set `globus::version` to `4` in order to continue using Globus v4 as the default version was changed.
-
-For sites using Globus v5.3 and upgrading this module 5.x, it's expected you are also upgrading to Globus v5.4. The parameters completely changed for Globus v5 support so see the examples below for changes needed and required parameters.
+| 4.x & 5.4      | 5.x-9.x                       |
+| 5.4            | 10.x                          |
 
 ## Usage
 
@@ -46,110 +36,6 @@ class { 'globus':
 }
 ```
 
-### Globus v4
-
-Install and configure a Globus IO endpoint that uses OAuth.  This example assumes host cert/key will not be provided by Globus.
-
-```puppet
-class { 'globus':
-  include_id_server => false,
-  globus_user => 'myusername',
-  globus_password => 'password',
-  endpoint_name => 'myorg',
-  endpoint_public => true,
-  myproxy_server => 'myproxy.example.com:7512',
-  oauth_server => 'myproxy.example.com',
-  security_identity_method => 'OAuth',
-  security_fetch_credentials_from_relay => false,
-  security_certificate_file => '/etc/grid-security/hostcert.pem',
-  security_key_file => '/etc/grid-security/hostkey.pem',
-  gridftp_server => $::fqdn,
-  gridftp_restrict_paths => ['RW~','N~/.*','RW/project'],
-  # Example of extra settings
-  extra_gridftp_settings => [
-    'log_level ALL',
-    'log_single /var/log/gridftp-auth.log',
-    'log_transfer /var/log/gridftp-transfer.log',
-  ],
-}
-```
-
-This is an example of setting up a system that acts as both MyProxy and OAuth host.  This example assumes the host cert/key are not provided by Globus.
-
-```puppet
-  class { 'globus':
-    include_io_server => false,
-    include_id_server => true,
-    include_oauth_server => true,
-    globus_user => 'myusername',
-    globus_password => 'password',
-    endpoint_name => 'myorg',
-    endpoint_public => true,
-    myproxy_server => 'myproxy.example.com:7512',
-    oauth_server => 'myproxy.example.com',
-    security_identity_method => 'OAuth',
-    security_fetch_credentials_from_relay => false,
-    security_certificate_file => '/etc/grid-security/hostcert.pem',
-    security_key_file => '/etc/grid-security/hostkey.pem',
-  }
-```
-
-Below is an example of setting up the IO server to use CILogon.
-
-```puppet
-  class { 'globus':
-    include_id_server => false,
-    globus_user => 'myusername',
-    globus_password => 'password',
-    endpoint_name => 'myorg',
-    endpoint_public => true,
-    myproxy_server => 'myproxy.example.com:7512',
-    oauth_server => 'myproxy.example.com',
-    security_identity_method => 'CILogon',
-    security_cilogon_identity_provider => 'My Org',
-    security_fetch_credentials_from_relay => false,
-    security_certificate_file => '/etc/grid-security/hostcert.pem',
-    security_key_file => '/etc/grid-security/hostkey.pem',
-    gridftp_server => $::fqdn,
-    gridftp_restrict_paths => ['RW~','N~/.*','RW/project'],
-    # Example of extra settings
-    extra_gridftp_settings => [
-      'log_level ALL',
-      'log_single /var/log/gridftp-auth.log',
-      'log_transfer /var/log/gridftp-transfer.log',
-    ],
-  }
-```
-
-Below is an example of what would be required to setup Globus GridFTP to also work with OSG GridFTP.  This example has not been verified since OSG 3.3.  OSG module referenced: https://github.com/treydock/puppet-osg
-
-```puppet
-  include ::osg
-  include ::osg::gridftp
-  class { '::globus':
-    manage_service => false,
-    include_id_server => false,
-    remove_cilogon_cron => true,
-    extra_gridftp_settings => [
-      'log_level ALL'
-      'log_single /var/log/gridftp-auth.log'
-      'log_transfer /var/log/gridftp.log'
-      '$LLGT_LOG_IDENT "gridftp-server-llgt"'
-      '$LCMAPS_DB_FILE "/etc/lcmaps.db"'
-      '$LCMAPS_POLICY_NAME "authorize_only"'
-      '$LLGT_LIFT_PRIVILEGED_PROTECTION "1"'
-      '$LCMAPS_DEBUG_LEVEL "2"'
-      '$FTPNOSORT 1'
-    ],
-    first_gridftp_callback => '|globus_mapping liblcas_lcmaps_gt4_mapping.so lcmaps_callout',
-  }
-  
-  # Add globus repo before installing OSG GridFTP
-  Yumrepo['Globus-Toolkit'] -> Package['osg-gridftp']
-  # Apply OSG GridFTP before Globus
-  Package['osg-gridftp'] -> Class['::globus::install']
-```
-
 ### Globus CLI
 
 To install the Globus CLI to `/opt/globus-cli` and create symlink for executable at `/usr/bin/globus`:
@@ -200,12 +86,7 @@ The `globus_info` fact exposes the information stored in `/var/lib/globus-connec
 Tested using
 
 * RedHat/CentOS 7
-* RedHat/Rocky 8
-* Debian 9
-* Debian 10
-* Ubuntu 18.04
-* Ubuntu 20.04
-
-## Limitations
+* RedHat/Rocky 8 & 9
+* Debian 11
+* Ubuntu 20.04 & 22.04
 
-At this time `globus::cli`, `globus::timer` and `globus::sdk` are not supported on Debian 9 due to older system Python
diff --git a/data/common.yaml b/data/common.yaml
@@ -1,5 +1,4 @@
 ---
-globus::toolkit_repo_baseurl: "https://downloads.globus.org/toolkit/gt6/stable/rpm/%{lookup('globus::url_os')}/%{facts.os.release.major}/$basearch/"
 globus::gcs_repo_baseurl: "https://downloads.globus.org/globus-connect-server/stable/rpm/%{lookup('globus::url_os')}/%{facts.os.release.major}/$basearch/"
 globus::release_url: 'https://downloads.globus.org/toolkit/globus-connect-server/globus-connect-server-repo-latest.noarch.rpm'
 globus::python::version: '3'
diff --git a/data/os/Debian.yaml b/data/os/Debian.yaml
@@ -1,7 +1,5 @@
 ---
 globus::release_url: http://downloads.globus.org/toolkit/gt6/stable/installers/repo/deb/globus-toolkit-repo_latest_all.deb
-globus::toolkit_repo_baseurl: https://downloads.globus.org/toolkit/gt6/stable/deb
-globus::toolkit_repo_testing_baseurl: https://downloads.globus.org/toolkit/gt6/testing/deb
 globus::gcs_repo_baseurl: https://downloads.globus.org/globus-connect-server/stable/deb
 globus::gcs_repo_testing_baseurl: https://downloads.globus.org/globus-connect-server/testing/deb
 globus::python::venv_ensure: present
diff --git a/data/os/RedHat.yaml b/data/os/RedHat.yaml
@@ -1,6 +1,4 @@
 ---
 globus::url_os: el
-globus::repo_dependencies:
-  - yum-plugin-priorities
 globus::python::pip_provider: pip3
 globus::python::venv_python_version: '3.6'
diff --git a/data/os/RedHat/9.yaml b/data/os/RedHat/9.yaml
@@ -0,0 +1,4 @@
+---
+globus::url_os: el
+globus::python::pip_provider: pip3
+globus::python::venv_python_version: '3.9'
diff --git a/lib/puppet/provider/globus_connect_config/ini_setting.rb b/lib/puppet/provider/globus_connect_config/ini_setting.rb
diff --git a/lib/puppet/type/globus_connect_config.rb b/lib/puppet/type/globus_connect_config.rb