simp · silug · Jul 8, 2024 · Jul 3, 2024 · Jul 3, 2024
diff --git a/CHANGELOG b/CHANGELOG
@@ -1,3 +1,6 @@
+* Wed Jul 03 2024 Steven Pritchard <[email protected]> - 7.7.2
+- Clean up legacy fact usage to support puppet 8
+
 * Wed Jan 17 2024 Richard Gardner <[email protected]> - 7.7.1
 - Updated hiera.yaml facts to support puppet 8
 

diff --git a/README.md b/README.md
@@ -8,18 +8,26 @@
 
 #### Table of Contents
 
-1. [Module Description - What the module does and why it is useful](#module-description)
-2. [Setup - The basics of getting started with Krb5](#setup)
-    * [What Krb5 affects](#what-krb5-affects)
-    * [Setup requirements](#setup-requirements)
-    * [Beginning with Krb5](#beginning-with-krb5)
-3. [Usage - Configuration options and additional functionality](#usage)
-    * [Automatic Management](#automatically-manage-the-kdc-and-keytabs-on-clients)
-    * [Manual Configuration](#manual-configuration-and-expansion)
-4. [Integration with SIMP NFS Module](#integration-with-simp-nfs-module)
-5. [Limitations - OS compatibility, etc.](#limitations)
-6. [Development - Guide for contributing to the module](#development)
-7. [Acceptance Tests](#acceptance-tests)
+- [Krb5](#krb5)
+      - [Table of Contents](#table-of-contents)
+  - [Module Description](#module-description)
+  - [Setup](#setup)
+    - [What krb5 affects](#what-krb5-affects)
+    - [Setup Requirements](#setup-requirements)
+    - [Beginning with krb5](#beginning-with-krb5)
+  - [Usage](#usage)
+    - [Automatically manage the KDC and keytabs on clients](#automatically-manage-the-kdc-and-keytabs-on-clients)
+    - [Keytab Propagation](#keytab-propagation)
+    - [Manual Configuration and Expansion](#manual-configuration-and-expansion)
+      - [Creating Admin Principals](#creating-admin-principals)
+        - [ACL Configuration](#acl-configuration)
+        - [Create Your Admin Principal](#create-your-admin-principal)
+        - [Creating Host Principals](#creating-host-principals)
+      - [Create Your Keytabs](#create-your-keytabs)
+    - [Integration with SIMP NFS Module](#integration-with-simp-nfs-module)
+  - [Limitations](#limitations)
+  - [Development](#development)
+  - [Acceptance tests](#acceptance-tests)
 
 ## Module Description
 
@@ -163,8 +171,8 @@ is **probably** appropriate for your organization.
 
 ```ruby
 
-   krb5_acl{ "${::domain}_admin":
-     principal       => "*/admin@${::domain}",
+   krb5_acl{ "${facts['networking']['domain']}_admin":
+     principal       => "*/admin@${facts['networking']['domain']}",
      operation_mask  => '*'
    }
 ```

diff --git a/REFERENCE.md b/REFERENCE.md
@@ -1487,7 +1487,7 @@ Default value: `true`
 
 The realms under which the hosts should be generated
 
-Default value: `Facter.value(:domain)`
+Default value: `Facter.value(:networking)['domain']`
 
 ##### <a name="-krb5kdc_auto_keytabs--user"></a>`user`
 

diff --git a/lib/puppet/type/krb5kdc_auto_keytabs.rb b/lib/puppet/type/krb5kdc_auto_keytabs.rb
@@ -150,7 +150,7 @@
       The realms under which the hosts should be generated
     DESC
 
-    defaultto(Facter.value(:domain))
+    defaultto(Facter.value(:networking)['domain'])
 
     validate do |value|
       unless (value.is_a?(String) || value.is_a?(Array)) || Array(value).count { |x| !x.is_a?(String) }.zero?

diff --git a/metadata.json b/metadata.json
@@ -1,6 +1,6 @@
 {
   "name": "simp-krb5",
-  "version": "7.7.1",
+  "version": "7.7.2",
   "author": "SIMP Team",
   "summary": "Puppet management of the MIT kerberos stack",
   "license": "Apache-2.0",

diff --git a/spec/classes/client_spec.rb b/spec/classes/client_spec.rb
@@ -21,7 +21,7 @@
           it_behaves_like 'common config'
 
           # Based on the Hiera default.yaml
-          it { is_expected.to create_krb5__setting__realm(facts[:domain]).with_admin_server(facts[:fqdn]) }
+          it { is_expected.to create_krb5__setting__realm(facts[:networking][:domain]).with_admin_server(facts[:networking][:fqdn]) }
         end
 
         context 'with krb5::kdc declared' do
@@ -32,7 +32,7 @@
           it_behaves_like 'common config'
 
           # Based on the Hiera default.yaml
-          it { is_expected.to create_krb5__setting__realm(facts[:domain]).with_admin_server(facts[:fqdn]) }
+          it { is_expected.to create_krb5__setting__realm(facts[:networking][:domain]).with_admin_server(facts[:networking][:fqdn]) }
         end
 
         context 'when passed a custom set of realms' do
@@ -53,7 +53,7 @@
           it_behaves_like 'common config'
 
           # Based on the Hiera default.yaml
-          it { is_expected.not_to create_krb5__setting__realm(facts[:domain]).with_admin_server(facts[:fqdn]) }
+          it { is_expected.not_to create_krb5__setting__realm(facts[:networking][:domain]).with_admin_server(facts[:networking][:fqdn]) }
 
           it { is_expected.to create_krb5__setting__realm('realm.one').with_admin_server('admin.server.one') }
 

diff --git a/spec/classes/kdc_spec.rb b/spec/classes/kdc_spec.rb
@@ -9,8 +9,8 @@
   it { is_expected.to create_class('krb5::kdc::install') }
   it { is_expected.to create_class('krb5::kdc::config') }
   it { is_expected.to create_class('krb5::kdc::service') }
-  it { is_expected.to create_krb5__kdc__realm(facts[:domain]) }
-  it { is_expected.to create_krb5__setting__realm(facts[:domain]) }
+  it { is_expected.to create_krb5__kdc__realm(facts[:networking][:domain]) }
+  it { is_expected.to create_krb5__setting__realm(facts[:networking][:domain]) }
   it { is_expected.to contain_class('krb5::kdc::auto_keytabs') }
 
   it_behaves_like 'auto_keytab'
@@ -31,7 +31,7 @@
 end
 
 shared_examples_for 'auto_keytab' do
-  it { is_expected.to create_krb5kdc_auto_keytabs('__default__').with(:realms => facts[:domain]) }
+  it { is_expected.to create_krb5kdc_auto_keytabs('__default__').with(:realms => facts[:networking][:domain]) }
 end
 
 shared_examples_for 'selinux hotfix' do
@@ -62,7 +62,7 @@
           it { is_expected.not_to contain_package('krb5-server-ldap') }
           it { is_expected.not_to contain_class('krb5::kdc::firewall') }
 
-          if os_facts[:selinux]
+          unless os_facts.dig(:os, 'selinux').nil?
             it { is_expected.to contain_class('krb5::kdc::selinux_hotfix') }
           end
         end
@@ -71,7 +71,7 @@
           let(:params) { { :firewall => true, :haveged => true, :ldap => true } }
 
           it_behaves_like 'common kdc config'
-          if os_facts[:selinux]
+          unless os_facts.dig(:os, 'selinux').nil?
             it_behaves_like 'selinux hotfix'
           end
           it { is_expected.to contain_class('haveged') }
@@ -87,7 +87,7 @@
           end
 
           it_behaves_like 'common kdc config'
-          if os_facts[:selinux]
+          unless os_facts.dig(:os, 'selinux').nil?
             it_behaves_like 'selinux hotfix'
           end
         end

diff --git a/spec/defines/setting/realm_spec.rb b/spec/defines/setting/realm_spec.rb
@@ -18,7 +18,7 @@
 
         let(:params) do
           {
-            :admin_server => facts[:hostname]
+            :admin_server => facts[:networking][:hostname]
           }
         end
 

diff --git a/spec/fixtures/hieradata/default.yaml b/spec/fixtures/hieradata/default.yaml
@@ -1,4 +1,4 @@
 ---
-simp_options::puppet::server: "%{facts.fqdn}"
+simp_options::puppet::server: "%{facts.networking.fqdn}"
 simp_options::trusted_nets:
   - '1.2.3.4/32'
-Original file line number
+Diff line change
@@ Expand Up / @@ -18,7 +18,7 @@ @@
             let(:params) do
               {
-                :admin_server => facts[:hostname]
+                :admin_server => facts[:networking][:hostname]
               }
             end
@@ Expand Down @@