(SIMP-8228) Fix hidepid and mcstransd issue (#63)

- No longer enable or install mcstransd by default
  - It is a user convenience feature and not required for core functionality
- Ensure that mcstransd is added to the GID assigned to `/proc` if one is
  assigned on the system
- Pin beaker to non-broken hashref.  This is required to handle slow VM issue 
  in GitLab whereby a host after reboot will have an uptime that is not greater
  than the uptime before the reboot.
- Update documentation
- Add Gemfile to gitlab.yml to ensure all tests are run when gems change.
- Add SIMP/ to gitlab.yml to ensure compliance acceptance suite is run when
  any compliance data changes.

SIMP-8228 #comment Fix hidepid and mcstransd issue

.fixtures.yml

@@ -14,6 +14,7 @@ fixtures:
     simp_options: https://github.com/simp/pupmod-simp-simp_options
     simplib: https://github.com/simp/pupmod-simp-simplib
     stdlib: https://github.com/simp/puppetlabs-stdlib
+    systemd: https://github.com/simp/puppet-systemd
     vox_selinux:
       repo: https://github.com/simp/pupmod-voxpupuli-selinux
       branch: simp-master

.gitlab-ci.yml

@@ -76,6 +76,8 @@ variables:
     - "{manifests,files,types}/**/*"
     - "templates/*.{erb,epp}"
     - "lib/**/*"
+    - "Gemfile"
+    - "SIMP/**/*"
   exists:
     - "spec/{classes,unit,defines,type_aliases,types,hosts}/**/*_spec.rb"
 
@@ -87,6 +89,8 @@ variables:
     - "{manifests,files,types}/**/*"
     - "templates/*.{erb,epp}"
     - "lib/**/*"
+    - "Gemfile"
+    - "SIMP/**/*"
   exists:
     - "spec/acceptance/**/*_spec.rb"
 

.rubocop.yml

@@ -0,0 +1,168 @@
+---
+require:
+- rubocop-rspec
+- rubocop-i18n
+AllCops:
+  DisplayCopNames: true
+  TargetRubyVersion: '2.4'
+  Include:
+  - "**/*.rb"
+  Exclude:
+  - bin/*
+  - ".vendor/**/*"
+  - "**/Gemfile"
+  - "**/Rakefile"
+  - pkg/**/*
+  - spec/fixtures/**/*
+  - vendor/**/*
+  - "**/Puppetfile"
+  - "**/Vagrantfile"
+  - "**/Guardfile"
+Layout/EmptyLinesAroundAttributeAccessor:
+  Enabled: true
+Layout/LineLength:
+  Description: People have wide screens, use them.
+  Max: 200
+Layout/SpaceAroundMethodCallOperator:
+  Enabled: true
+Lint/RaiseException:
+  Enabled: true
+Lint/StructNewOverride:
+  Enabled: false
+GetText:
+  Enabled: false
+GetText/DecorateString:
+  Description: We don't want to decorate test output.
+  Exclude:
+  - spec/**/*
+  Enabled: false
+Naming/AccessorMethodName:
+  Exclude:
+  - spec/**/*
+RSpec/BeforeAfterAll:
+  Description: Beware of using after(:all) as it may cause state to leak between tests.
+    A necessary evil in acceptance testing.
+  Exclude:
+  - spec/acceptance/**/*.rb
+RSpec/ExpectInHook:
+  Exclude:
+  - spec/unit/**/*.rb
+RSpec/HookArgument:
+  Description: Prefer explicit :each argument, matching existing module's style
+  EnforcedStyle: each
+RSpec/NamedSubject:
+  Exclude:
+  - spec/classes/**/*
+  - spec/defines/**/*
+Style/BlockDelimiters:
+  Description: Prefer braces for chaining. Mostly an aesthetical choice. Better to
+    be consistent then.
+  EnforcedStyle: braces_for_chaining
+Style/ClassAndModuleChildren:
+  Description: Compact style reduces the required amount of indentation.
+  EnforcedStyle: compact
+Style/EmptyElse:
+  Description: Enforce against empty else clauses, but allow `nil` for clarity.
+  EnforcedStyle: empty
+Style/ExponentialNotation:
+  Enabled: true
+Style/FormatString:
+  Description: Following the main puppet project's style, prefer the % format format.
+  EnforcedStyle: percent
+Style/FormatStringToken:
+  Description: Following the main puppet project's style, prefer the simpler template
+    tokens over annotated ones.
+  EnforcedStyle: template
+Style/HashEachMethods:
+  Enabled: true
+Style/HashSyntax:
+  Enabled: false
+Style/HashTransformKeys:
+  Enabled: false
+Style/HashTransformValues:
+  Enabled: true
+Style/Lambda:
+  Description: Prefer the keyword for easier discoverability.
+  EnforcedStyle: literal
+Style/MixinUsage:
+  Exclude:
+  - spec/**/*
+Style/RedundantBegin:
+  Enabled: false
+Style/RegexpLiteral:
+  Description: Community preference. See https://github.com/voxpupuli/modulesync_config/issues/168
+  EnforcedStyle: percent_r
+Style/TernaryParentheses:
+  Description: Checks for use of parentheses around ternary conditions. Enforce parentheses
+    on complex expressions for better readability, but seriously consider breaking
+    it up.
+  EnforcedStyle: require_parentheses_when_complex
+Style/TrailingCommaInArguments:
+  Description: Prefer always trailing comma on multiline argument lists. This makes
+    diffs, and re-ordering nicer.
+  EnforcedStyleForMultiline: comma
+Style/TrailingCommaInArrayLiteral:
+  Description: Prefer always trailing comma on multiline literals. This makes diffs,
+    and re-ordering nicer.
+  EnforcedStyleForMultiline: comma
+Style/SlicingWithRange:
+  Enabled: true
+Style/SymbolArray:
+  Description: Using percent style obscures symbolic intent of array's contents.
+  EnforcedStyle: brackets
+RSpec/MessageSpies:
+  EnforcedStyle: receive
+Style/Documentation:
+  Exclude:
+  - lib/puppet/parser/functions/**/*
+  - spec/**/*
+Style/WordArray:
+  EnforcedStyle: brackets
+Style/CollectionMethods:
+  Enabled: true
+Style/MethodCalledOnDoEndBlock:
+  Enabled: true
+Style/StringMethods:
+  Enabled: true
+GetText/DecorateFunctionMessage:
+  Enabled: false
+GetText/DecorateStringFormattingUsingInterpolation:
+  Enabled: false
+GetText/DecorateStringFormattingUsingPercent:
+  Enabled: false
+Layout/EndOfLine:
+  Enabled: false
+Layout/HeredocIndentation:
+  Enabled: false
+Metrics/AbcSize:
+  Enabled: false
+Metrics/BlockLength:
+  Enabled: false
+Metrics/ClassLength:
+  Enabled: false
+Metrics/CyclomaticComplexity:
+  Enabled: false
+Metrics/MethodLength:
+  Enabled: false
+Metrics/ModuleLength:
+  Enabled: false
+Metrics/ParameterLists:
+  Enabled: false
+Metrics/PerceivedComplexity:
+  Enabled: false
+RSpec/DescribeClass:
+  Enabled: false
+RSpec/ExampleLength:
+  Enabled: false
+RSpec/MessageExpectation:
+  Enabled: false
+RSpec/MultipleExpectations:
+  Enabled: false
+RSpec/NestedGroups:
+  Enabled: false
+Style/AsciiComments:
+  Enabled: false
+Style/IfUnlessModifier:
+  Enabled: false
+Style/SymbolProc:
+  Enabled: false

CHANGELOG

@@ -1,11 +1,17 @@
+* Mon Sep 21 2020 Trevor Vaughan <[email protected]> - 2.6.0-0
+- No longer enable or install mcstransd by default
+  - It is a user convenience feature and not required for core functionality
+- Ensure that mcstransd is added to the GID assigned to `/proc` if one is
+  assigned on the system
+
 * Mon Jan 13 2020 Jeanne Greulich <[email protected]> - 2.5.1-0
 - Add EL8 defaults for Oracle Linux
 
 * Wed Nov 06 2019 Jeanne Greulich <[email protected]> - 2.5.1-0
 - Defined values for EL8 in data in modules.
 - Updated Gemfile versions to ones that support EL8.
 - Updated metadata.json to include support for CentOS 8 and RedHat 8
-- Added acceptance test  nodes for Centos8 and Redhat 8
+- Added acceptance test  nodes for CentOS 8 and RedHat 8
 - Removed $:: from top level variables.
 - Removed tests for Puppet 4 from travis.yml.
 - Bumped upper bound for simp-simplib to < 5.0.0

Gemfile

@@ -29,7 +29,8 @@ group :development do
 end
 
 group :system_tests do
-  gem 'beaker'
+  #gem 'beaker'
+  gem 'beaker', :git => 'https://github.com/voxpupuli/beaker', :ref => '2f03c5f'
   gem 'beaker-rspec'
   gem 'simp-beaker-helpers', ENV['SIMP_BEAKER_HELPERS_VERSION'] || ['>= 1.18.7', '< 2']
 end

README.md

@@ -8,14 +8,17 @@
 
 #### Table of Contents
 
-1. [Description](#description)
-2. [Setup - The basics of getting started with selinux](#setup)
-    * [What selinux affects](#what-selinux-affects)
-    * [Setup requirements](#setup-requirements)
-3. [Usage - Configuration options and additional functionality](#usage)
-4. [Reference](#reference)
-5. [Limitations - OS compatibility, etc.](#limitations)
-6. [Development - Guide for contributing to the module](#development)
+<!-- vim-markdown-toc GFM -->
+
+* [Description](#description)
+* [Setup](#setup)
+  * [What selinux affects](#what-selinux-affects)
+* [Usage](#usage)
+* [Reference](#reference)
+* [Limitations](#limitations)
+* [Development](#development)
+
+<!-- vim-markdown-toc -->
 
 ## Description
 
@@ -37,73 +40,14 @@ Manages the following:
     * `mcstrans`
     * `restorecond`
 
-### Setup Requirements
-
-This module requires the following:
-
-* [puppetlabs-stdlib](https://forge.puppet.com/puppetlabs/stdlib)
-* [simp-simplib](https://forge.puppet.com/simp/simplib)
-
 ## Usage
 
-    class { 'selinux': }
+    include 'selinux'
 
 ## Reference
 
-### Public Classes
-
-* [selinux](https://github.com/simp/pupmod-simp-selinux/blob/master/manifests/init.pp)
-
-#### Parameters
-
-* **`ensure`** (`Selinux::State`) *(defaults to: 'enforcing')*
-
-The state that SELinux should be in. Since you are calling this class, we assume that you want to enforce.
-
-* **`mode`** (`Enum['targeted','mls']`) *(defaults to: `'targeted'`)*
-
-The SELinux type you want to enforce. Note, it is quite possible that 'mls' will render your system inoperable.
-
-* **`autorelabel`** (`Boolean`) *(defaults to: `false`)*
-
-Automatically relabel the filesystem if needed
-
-* **`manage_utils_package`** (`Boolean`) *(defaults to: `true`)*
-
-If true, ensure policycoreutils-python is installed. This is a supplemental package that is required by semanage.
-
-* **`manage_mcstrans_package`** (`Boolean`)
-
-Manage the `mcstrans` package.
-
-* **`manage_mcstrans_service`** (`Boolean`)
-
-Manage the `mcstrans` service.
-
-* **`mcstrans_service_name`** (`String`)
-
-The `mcstrans` service name.
-
-* **`mcstrans_package_name`** (`String`)
-
-The `mcstrans` package name.
-
-* **`manage_restorecond_package`** (`Boolean`)
-
-Manage the `restorecond` package.
-
-* **`manage_restorecond_service`** (`Boolean`)
-
-Manage the `restorecond` service.
-
-* **`restorecond_package_name`** (`String`)
-
-The `restorecond` package name.
-
-* **`package_ensure`** (`String`) *(defaults to: `simplib::lookup('simp_options::package_ensure', { 'default_value' => 'installed' })`)*
-
-The ensure status of packages to be installed
-
+See the [REFERENCE.md][./REFERENCE.md] for a comprehensive overview of the
+module components.
 
 ## Limitations