diff --git a/.rubocop.yml b/.rubocop.yml new file mode 100644 index 0000000..f960a45 --- /dev/null +++ b/.rubocop.yml @@ -0,0 +1,170 @@ +--- +require: +- rubocop-rspec +- rubocop-i18n +AllCops: + DisplayCopNames: true + TargetRubyVersion: '2.6' + Include: + - "**/*.rb" + Exclude: + - bin/* + - ".vendor/**/*" + - "**/Gemfile" + - "**/Rakefile" + - pkg/**/* + - spec/fixtures/**/* + - vendor/**/* + - "**/Puppetfile" + - "**/Vagrantfile" + - "**/Guardfile" +Layout/EmptyLinesAroundAttributeAccessor: + Enabled: true +Layout/LineLength: + Description: People have wide screens, use them. + Max: 200 +Layout/SpaceAroundMethodCallOperator: + Enabled: true +Lint/RaiseException: + Enabled: true +Lint/StructNewOverride: + Enabled: false +I18n/GetText: + Enabled: false +I18n/GetText/DecorateString: + Description: We don't want to decorate test output. + Exclude: + - spec/**/* + Enabled: false +Naming/AccessorMethodName: + Exclude: + - spec/**/* +RSpec/BeforeAfterAll: + Description: Beware of using after(:all) as it may cause state to leak between tests. + A necessary evil in acceptance testing. + Exclude: + - spec/acceptance/**/*.rb +RSpec/ExpectInHook: + Exclude: + - spec/unit/**/*.rb +RSpec/HookArgument: + Description: Prefer explicit :each argument, matching existing module's style + EnforcedStyle: each +RSpec/NamedSubject: + Exclude: + - spec/classes/**/* + - spec/defines/**/* +Style/BlockDelimiters: + Description: Prefer braces for chaining. Mostly an aesthetical choice. Better to + be consistent then. + EnforcedStyle: braces_for_chaining +Style/ClassAndModuleChildren: + Description: Compact style reduces the required amount of indentation. + EnforcedStyle: compact +Style/EmptyElse: + Description: Enforce against empty else clauses, but allow `nil` for clarity. + EnforcedStyle: empty +Style/ExponentialNotation: + Enabled: true +Style/FormatString: + Description: Following the main puppet project's style, prefer the % format format. + EnforcedStyle: percent +Style/FormatStringToken: + Description: Following the main puppet project's style, prefer the simpler template + tokens over annotated ones. + EnforcedStyle: template +Style/HashEachMethods: + Enabled: true +Style/HashSyntax: + Enabled: false +Style/HashTransformKeys: + Enabled: false +Style/HashTransformValues: + Enabled: true +Style/Lambda: + Description: Prefer the keyword for easier discoverability. + EnforcedStyle: literal +Style/MixinUsage: + Exclude: + - spec/**/* +Style/RedundantBegin: + Enabled: false +Style/RegexpLiteral: + Description: Community preference. See https://github.com/voxpupuli/modulesync_config/issues/168 + EnforcedStyle: percent_r +Style/TernaryParentheses: + Description: Checks for use of parentheses around ternary conditions. Enforce parentheses + on complex expressions for better readability, but seriously consider breaking + it up. + EnforcedStyle: require_parentheses_when_complex +Style/TrailingCommaInArguments: + Description: Prefer always trailing comma on multiline argument lists. This makes + diffs, and re-ordering nicer. + EnforcedStyleForMultiline: comma +Style/TrailingCommaInArrayLiteral: + Description: Prefer always trailing comma on multiline literals. This makes diffs, + and re-ordering nicer. + EnforcedStyleForMultiline: comma +Style/SlicingWithRange: + Enabled: true +Style/SymbolArray: + Description: Using percent style obscures symbolic intent of array's contents. + EnforcedStyle: brackets +RSpec/MessageSpies: + EnforcedStyle: receive +Style/Documentation: + Exclude: + - lib/puppet/parser/functions/**/* + - spec/**/* +Style/WordArray: + EnforcedStyle: brackets +Style/CollectionMethods: + Enabled: true +Style/MethodCalledOnDoEndBlock: + Enabled: true +Style/StringMethods: + Enabled: true +I18n/GetText/DecorateFunctionMessage: + Enabled: false +I18n/GetText/DecorateStringFormattingUsingInterpolation: + Enabled: false +I18n/GetText/DecorateStringFormattingUsingPercent: + Enabled: false +Layout/EndOfLine: + Enabled: false +Layout/HeredocIndentation: + Enabled: false +Metrics/AbcSize: + Enabled: false +Metrics/BlockLength: + Enabled: false +Metrics/ClassLength: + Enabled: false +Metrics/CyclomaticComplexity: + Enabled: false +Metrics/MethodLength: + Enabled: false +Metrics/ModuleLength: + Enabled: false +Metrics/ParameterLists: + Enabled: false +Metrics/PerceivedComplexity: + Enabled: false +RSpec/DescribeClass: + Enabled: false +RSpec/ExampleLength: + Enabled: false +RSpec/MessageExpectation: + Enabled: false +RSpec/MultipleExpectations: + Enabled: false +RSpec/MultipleMemoizedHelpers: + Enabled: false +RSpec/NestedGroups: + Enabled: false +Style/AsciiComments: + Enabled: false +Style/IfUnlessModifier: + Enabled: false +Style/SymbolProc: + Enabled: false diff --git a/manifests/init.pp b/manifests/init.pp index 9b9233c..74c6383 100644 --- a/manifests/init.pp +++ b/manifests/init.pp @@ -58,42 +58,44 @@ String[1] $package_ensure = simplib::lookup('simp_options::package_ensure', { 'default_value' => 'installed' }), ) { - #TODO Fix the inconsistent use of strings versus arrays. Some of these - # config items are strings that contain a space-separated list of items. - xinetd::validate_log_type($log_type) - if $x_bind { simplib::validate_net_list($x_bind) } - if $no_access { simplib::validate_net_list($no_access) } + package { 'xinetd': + ensure => $package_ensure + } - $_only_from = simplib::nets2cidr($trusted_nets) + unless $package_ensure == 'absent' { + #TODO Fix the inconsistent use of strings versus arrays. Some of these + # config items are strings that contain a space-separated list of items. + xinetd::validate_log_type($log_type) + if $x_bind { simplib::validate_net_list($x_bind) } + if $no_access { simplib::validate_net_list($no_access) } - file { '/etc/xinetd.conf': - owner => 'root', - group => 'root', - mode => '0600', - content => template('xinetd/xinetd.conf.erb'), - notify => [ Service['xinetd'] ], - require => Package['xinetd'] - } + $_only_from = simplib::nets2cidr($trusted_nets) - file { '/etc/xinetd.d': - ensure => 'directory', - owner => 'root', - group => 'root', - mode => '0640', - recurse => true, - purge => $purge, - require => Package['xinetd'] - } + file { '/etc/xinetd.conf': + owner => 'root', + group => 'root', + mode => '0600', + content => template('xinetd/xinetd.conf.erb'), + notify => [ Service['xinetd'] ], + require => Package['xinetd'] + } - package { 'xinetd': - ensure => $package_ensure - } + file { '/etc/xinetd.d': + ensure => 'directory', + owner => 'root', + group => 'root', + mode => '0640', + recurse => true, + purge => $purge, + require => Package['xinetd'] + } - service { 'xinetd': - ensure => 'running', - enable => true, - hasstatus => true, - restart => '( /bin/ps -C xinetd && /sbin/service xinetd reload ) || /sbin/service xinetd start', - require => Package['xinetd'] + service { 'xinetd': + ensure => 'running', + enable => true, + hasstatus => true, + restart => '( /bin/ps -C xinetd && /sbin/service xinetd reload ) || /sbin/service xinetd start', + require => Package['xinetd'] + } } } diff --git a/manifests/service.pp b/manifests/service.pp index 40a8948..662d927 100644 --- a/manifests/service.pp +++ b/manifests/service.pp @@ -110,62 +110,64 @@ Boolean $firewall = simplib::lookup('simp_options::firewall', { 'default_value' => false }), Boolean $tcpwrappers = simplib::lookup('simp_options::tcpwrappers', { 'default_value' => false }) ) { - xinetd::validate_log_type($log_type) + include 'xinetd' - if ($redirect_ip and $redirect_port) { simplib::validate_net_list("${redirect_ip}:${redirect_port}") } - if $x_bind { simplib::validate_net_list($x_bind) } + unless $xinetd::package_ensure == 'absent' { - $_only_from = simplib::nets2cidr($trusted_nets) + xinetd::validate_log_type($log_type) - include 'xinetd' + if ($redirect_ip and $redirect_port) { simplib::validate_net_list("${redirect_ip}:${redirect_port}") } + if $x_bind { simplib::validate_net_list($x_bind) } - file { "/etc/xinetd.d/${name}": - owner => 'root', - group => 'root', - mode => '0640', - content => template('xinetd/xinetd.service.erb'), - notify => Service['xinetd'] - } + $_only_from = simplib::nets2cidr($trusted_nets) - if $firewall { - simplib::assert_optional_dependency($module_name, 'simp/iptables') + file { "/etc/xinetd.d/${name}": + owner => 'root', + group => 'root', + mode => '0640', + content => template('xinetd/xinetd.service.erb'), + notify => Service['xinetd'] + } - include 'iptables' - case $protocol { - 'tcp': { - iptables::listen::tcp_stateful { "allow_${name}": - order => 11, - trusted_nets => $trusted_nets, - dports => $port + if $firewall { + simplib::assert_optional_dependency($module_name, 'simp/iptables') + + include 'iptables' + case $protocol { + 'tcp': { + iptables::listen::tcp_stateful { "allow_${name}": + order => 11, + trusted_nets => $trusted_nets, + dports => $port + } } - } - 'udp': { - iptables::listen::udp { "allow_${name}": - order => 11, - trusted_nets => $trusted_nets, - dports => $port + 'udp': { + iptables::listen::udp { "allow_${name}": + order => 11, + trusted_nets => $trusted_nets, + dports => $port + } + } + default: { } - } - default: { } } - } - if $tcpwrappers { - simplib::assert_optional_dependency($module_name, 'simp/tcpwrappers') + if $tcpwrappers { + simplib::assert_optional_dependency($module_name, 'simp/tcpwrappers') - include 'tcpwrappers' + include 'tcpwrappers' - if $libwrap_name { - tcpwrappers::allow { $libwrap_name: - pattern => $trusted_nets + if $libwrap_name { + tcpwrappers::allow { $libwrap_name: + pattern => $trusted_nets + } } - } - else { - tcpwrappers::allow { $name: - pattern => $trusted_nets + else { + tcpwrappers::allow { $name: + pattern => $trusted_nets + } } } } - } diff --git a/metadata.json b/metadata.json index 7dff647..8d36c7c 100644 --- a/metadata.json +++ b/metadata.json @@ -1,6 +1,6 @@ { "name": "simp-xinetd", - "version": "4.3.0", + "version": "4.3.1", "author": "SIMP Team", "summary": "Manages xinetd", "license": "Apache-2.0", diff --git a/spec/classes/init_spec.rb b/spec/classes/init_spec.rb index 77dd571..11da3f7 100644 --- a/spec/classes/init_spec.rb +++ b/spec/classes/init_spec.rb @@ -20,7 +20,7 @@ end describe 'xinetd' do - context 'supported operating systems' do + context 'with supported operating systems' do on_supported_os.each do |os, facts| context "on #{os}" do let(:facts) do @@ -104,6 +104,15 @@ }) end end + + context 'when uninstalling the package' do + let(:params) { { :package_ensure => 'absent' } } + + it { is_expected.to contain_package('xinetd').with_ensure('absent') } + it { is_expected.to_not contain_file('/etc/xinetd.conf') } + it { is_expected.to_not contain_file('/etc/xinetd.d') } + it { is_expected.to_not contain_service('xinetd') } + end end end end diff --git a/spec/defines/service_spec.rb b/spec/defines/service_spec.rb index ff71b8e..6c2f0ab 100644 --- a/spec/defines/service_spec.rb +++ b/spec/defines/service_spec.rb @@ -50,9 +50,22 @@ EOM }) + end + it { is_expected.to_not contain_class('iptables') } it { is_expected.to_not contain_class('tcpwrappers') } + + context 'when uninstalling the package' do + let(:pre_condition){ + <<-PRECOND + class { 'xinetd': package_ensure => 'absent' } + PRECOND + } + + it { is_expected.to compile.with_all_deps } + it { is_expected.to_not contain_file('/etc/xinetd.d/tftp') } + end end context 'optional parameters set' do