From 61219fa4795fd28f50e5df6293bf47a186a8b8ee Mon Sep 17 00:00:00 2001
From: Fabien COMBERNOUS <fabien.combernous@adullact.org>
Date: Fri, 26 Jan 2024 11:13:30 +0100
Subject: [PATCH] use pdk 2.7
---
 .fixtures.yml | 4 +-
 .pdkignore | 1 -
 .rubocop.yml | 4 +-
 .sync.yml | 5 +-
 Gemfile | 48 ++++++-----
 REFERENCE.md | 152 +++++++++++++++------------------
 manifests/init.pp | 7 +-
 metadata.json | 6 +-
 spec/acceptance/coturn_spec.rb | 2 +
 9 files changed, 109 insertions(+), 120 deletions(-)
diff --git a/.fixtures.yml b/.fixtures.yml
index eedcb80..3fd2c20 100644
--- a/.fixtures.yml
+++ b/.fixtures.yml
@@ -3,5 +3,5 @@
 ---
 fixtures:
 repositories:
- stdlib: 'git://github.com/puppetlabs/puppetlabs-stdlib'
- systemd: 'git://github.com/voxpupuli/puppet-systemd'
+ stdlib: 'https://github.com/puppetlabs/puppetlabs-stdlib.git'
+ systemd: 'https://github.com/voxpupuli/puppet-systemd.git'
diff --git a/.pdkignore b/.pdkignore
index c538bea..a956c8f 100644
--- a/.pdkignore
+++ b/.pdkignore
@@ -39,7 +39,6 @@
 /rakelib/
 /.rspec
 /.rubocop.yml
-/.travis.yml
 /.yardopts
 /spec/
 /.vscode/
diff --git a/.rubocop.yml b/.rubocop.yml
index 78c4c58..31e8248 100644
--- a/.rubocop.yml
+++ b/.rubocop.yml
@@ -4,7 +4,7 @@ require:
 - rubocop-rspec
 AllCops:
 DisplayCopNames: true
- TargetRubyVersion: '2.4'
+ TargetRubyVersion: '2.5'
 Include:
 - "**/*.rb"
 Exclude:
@@ -347,8 +347,6 @@ RSpec/ReceiveCounts:
 Enabled: false
 RSpec/ReceiveNever:
 Enabled: false
-RSpec/RepeatedDescription:
- Enabled: false
 RSpec/RepeatedExampleGroupBody:
 Enabled: false
 RSpec/RepeatedExampleGroupDescription:
diff --git a/.sync.yml b/.sync.yml
index d30d22d..6ff3f69 100644
--- a/.sync.yml
+++ b/.sync.yml
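Review bot: In the `.fixtures.yml` hunk, the two added `https://` URLs still name no ref, so each fixture checkout presumably follows whatever the default branch of `puppetlabs-stdlib` and `puppet-systemd` holds when the tests run. Moving off the unauthenticated `git://` transport fixes the transport, but the module code pulled into spec runs stays unpinned and can change between runs. Consider the hash form for each entry, e.g. `stdlib:` followed by `repo: 'https://github.com/puppetlabs/puppetlabs-stdlib.git'` and `ref: '<tag-or-commit>'`, with the ref chosen inside the range the module declares for that dependency.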
@@ -107,15 +107,14 @@ appveyor.yml:
 Gemfile:
 required:
 ':development':
+ - gem: 'puppet-blacksmith'
 - gem: 'beaker-rspec'
 - gem: 'beaker-puppet'
 - gem: 'beaker-docker'
 - gem: 'beaker-puppet_install_helper'
 - gem: 'beaker-module_install_helper'
 - gem: 'pdk'
- version: '2.3.0'
- - gem: 'puppet-strings'
- version: '2.9.0'
+ version: '2.7.1'
 spec/spec_helper.rb:
 mock_with: ':rspec'
diff --git a/Gemfile b/Gemfile
index 6ab204f..2f20570 100644
--- a/Gemfile
+++ b/Gemfile
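Review bot: The added `- gem: 'puppet-blacksmith'` entry in the `.sync.yml` hunk carries no `version:` key, unlike `pdk`, which this change pins to `'2.7.1'`; the five `beaker-*` entries that follow it are unconstrained as well. Assuming no lockfile is committed (this patch does not show one), each `bundle install` can resolve a different release of a gem whose purpose is publishing module releases. Consider adding a bound under the new entry, e.g. `version: '<constraint>'`. The same hunk also drops the explicit `puppet-strings` pin, so it is worth confirming which gem and version now generate `REFERENCE.md`.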
@@ -13,28 +13,38 @@ def location_for(place_or_version, fake_version = nil)
 end
 end
-ruby_version_segments = Gem::Version.new(RUBY_VERSION.dup).segments
-minor_version = ruby_version_segments[0..1].join('.')
-
 group :development do
- gem "json", '= 2.0.4', require: false if Gem::Requirement.create('~> 2.4.2').satisfied_by?(Gem::Version.new(RUBY_VERSION.dup))
- gem "json", '= 2.1.0', require: false if Gem::Requirement.create(['>= 2.5.0', '< 2.7.0']).satisfied_by?(Gem::Version.new(RUBY_VERSION.dup))
- gem "json", '= 2.3.0', require: false if Gem::Requirement.create(['>= 2.7.0', '< 2.8.0']).satisfied_by?(Gem::Version.new(RUBY_VERSION.dup))
- gem "puppet-module-posix-default-r#{minor_version}", '~> 1.0', require: false, platforms: [:ruby]
- gem "puppet-module-posix-dev-r#{minor_version}", '~> 1.0', require: false, platforms: [:ruby]
- gem "puppet-module-win-default-r#{minor_version}", '~> 1.0', require: false, platforms: [:mswin, :mingw, :x64_mingw]
- gem "puppet-module-win-dev-r#{minor_version}", '~> 1.0', require: false, platforms: [:mswin, :mingw, :x64_mingw]
- gem "beaker-rspec", require: false
- gem "beaker-puppet", require: false
- gem "beaker-docker", require: false
- gem "beaker-puppet_install_helper", require: false
- gem "beaker-module_install_helper", require: false
- gem "pdk", '2.3.0', require: false
- gem "puppet-strings", '2.9.0', require: false
+ gem "json", '= 2.1.0', require: false if Gem::Requirement.create(['>= 2.5.0', '< 2.7.0']).satisfied_by?(Gem::Version.new(RUBY_VERSION.dup))
+ gem "json", '= 2.3.0', require: false if Gem::Requirement.create(['>= 2.7.0', '< 3.0.0']).satisfied_by?(Gem::Version.new(RUBY_VERSION.dup))
+ gem "json", '= 2.5.1', require: false if Gem::Requirement.create(['>= 3.0.0', '< 3.0.5']).satisfied_by?(Gem::Version.new(RUBY_VERSION.dup))
+ gem "json", '= 2.6.1', require: false if Gem::Requirement.create(['>= 3.1.0', '< 3.1.3']).satisfied_by?(Gem::Version.new(RUBY_VERSION.dup))
+ gem "json", '= 2.6.3', require: false if Gem::Requirement.create(['>= 3.2.0', '< 4.0.0']).satisfied_by?(Gem::Version.new(RUBY_VERSION.dup))
+ gem "voxpupuli-puppet-lint-plugins", '~> 4.0', require: false
+ gem "facterdb", '~> 1.18', require: false
+ gem "metadata-json-lint", '>= 2.0.2', '< 4.0.0', require: false
+ gem "puppetlabs_spec_helper", '~> 5.0', require: false
+ gem "rspec-puppet-facts", '~> 2.0', require: false
+ gem "codecov", '~> 0.2', require: false
+ gem "dependency_checker", '~> 0.2', require: false
+ gem "parallel_tests", '= 3.12.1', require: false
+ gem "pry", '~> 0.10', require: false
+ gem "simplecov-console", '~> 0.5', require: false
+ gem "puppet-debugger", '~> 1.0', require: false
+ gem "rubocop", '= 1.6.1', require: false
+ gem "rubocop-performance", '= 1.9.1', require: false
+ gem "rubocop-rspec", '= 2.0.1', require: false
+ gem "rb-readline", '= 0.5.5', require: false, platforms: [:mswin, :mingw, :x64_mingw]
+ gem "puppet-blacksmith", require: false
+ gem "beaker-rspec", require: false
+ gem "beaker-puppet", require: false
+ gem "beaker-docker", require: false
+ gem "beaker-puppet_install_helper", require: false
+ gem "beaker-module_install_helper", require: false
+ gem "pdk", '2.7.1', require: false
 end
 group :system_tests do
- gem "puppet-module-posix-system-r#{minor_version}", '~> 1.0', require: false, platforms: [:ruby]
- gem "puppet-module-win-system-r#{minor_version}", '~> 1.0', require: false, platforms: [:mswin, :mingw, :x64_mingw]
+ gem "puppet_litmus", '< 1.0.0', require: false, platforms: [:ruby, :x64_mingw]
+ gem "serverspec", '~> 2.41', require: false
 end
 puppet_version = ENV['PUPPET_GEM_VERSION']
diff --git a/REFERENCE.md b/REFERENCE.md
index bb49d57..4c8cc1f 100644
--- a/REFERENCE.md
+++ b/REFERENCE.md
@@ -28,35 +28,33 @@ class { 'coturn': The following parameters are available in the `coturn` class: -* [`realm`](#realm) -* [`listening_ips`](#listening_ips) -* [`listening_port`](#listening_port) -* [`tls_listening_port`](#tls_listening_port) -* [`cert`](#cert) -* [`private_key`](#private_key) -* [`cipher_list`](#cipher_list) -* [`dh2066`](#dh2066) -* [`fingerprint`](#fingerprint) -* [`lt_cred_mech`](#lt_cred_mech) -* [`use_auth_secret`](#use_auth_secret) -* [`static_auth_secret`](#static_auth_secret) -* [`use_auth_secret`](#use_auth_secret) -* [`total_quota`](#total_quota) -* [`bps_capacity`](#bps_capacity) -* [`stale_nonce`](#stale_nonce) -* [`no_stdout_log`](#no_stdout_log) -* [`no_loopback_peers`](#no_loopback_peers) -* [`no_multicast_peers`](#no_multicast_peers) -* [`dh2066`](#dh2066) -* [`tlsv1`](#tlsv1) -* [`tlsv1_1`](#tlsv1_1) -* [`tlsv1_2`](#tlsv1_2) -* [`simple_log`](#simple_log) -* [`proc_user`](#proc_user) -* [`proc_group`](#proc_group) -* [`log_file`](#log_file) - -##### <a name="realm"></a>`realm` +* [`realm`](#-coturn--realm) +* [`listening_ips`](#-coturn--listening_ips) +* [`listening_port`](#-coturn--listening_port) +* [`tls_listening_port`](#-coturn--tls_listening_port) +* [`cert`](#-coturn--cert) +* [`private_key`](#-coturn--private_key) +* [`cipher_list`](#-coturn--cipher_list) +* [`fingerprint`](#-coturn--fingerprint) +* [`lt_cred_mech`](#-coturn--lt_cred_mech) +* [`static_auth_secret`](#-coturn--static_auth_secret) +* [`use_auth_secret`](#-coturn--use_auth_secret) +* [`total_quota`](#-coturn--total_quota) +* [`bps_capacity`](#-coturn--bps_capacity) +* [`stale_nonce`](#-coturn--stale_nonce) +* [`no_stdout_log`](#-coturn--no_stdout_log) +* [`no_loopback_peers`](#-coturn--no_loopback_peers) +* [`no_multicast_peers`](#-coturn--no_multicast_peers) +* [`dh2066`](#-coturn--dh2066) +* [`tlsv1`](#-coturn--tlsv1) +* [`tlsv1_1`](#-coturn--tlsv1_1) +* [`tlsv1_2`](#-coturn--tlsv1_2) +* [`simple_log`](#-coturn--simple_log) +* 
[`proc_user`](#-coturn--proc_user) +* [`proc_group`](#-coturn--proc_group) +* [`log_file`](#-coturn--log_file) + +##### <a name="-coturn--realm"></a>`realm` Data type: `Stdlib::Fqdn` @@ -64,7 +62,7 @@ Name (fully qualified domain name) of the Coturn server Default value: `$facts['networking']['fqdn']` -##### <a name="listening_ips"></a>`listening_ips` +##### <a name="-coturn--listening_ips"></a>`listening_ips` Data type: `Array[Stdlib::IP::Address]` @@ -73,7 +71,7 @@ If no IP(s) specified, then all IPv4 and IPv6 system IPs will be used for listen Default value: `[]` -##### <a name="listening_port"></a>`listening_port` +##### <a name="-coturn--listening_port"></a>`listening_port` Data type: `Stdlib::Port` @@ -81,7 +79,7 @@ TURN listener port for UDP and TCP (plain). Default value: `3478` -##### <a name="tls_listening_port"></a>`tls_listening_port` +##### <a name="-coturn--tls_listening_port"></a>`tls_listening_port` Data type: `Stdlib::Port` @@ -92,23 +90,23 @@ in terms of functionality. Keeping both endpoints satisfy the RFC 5766 specs. Default value: `5349` -##### <a name="cert"></a>`cert` +##### <a name="-coturn--cert"></a>`cert` Data type: `Optional[Stdlib::Absolutepath]` The certificate file use with TLS. -Default value: ``undef`` +Default value: `undef` -##### <a name="private_key"></a>`private_key` +##### <a name="-coturn--private_key"></a>`private_key` Data type: `Optional[Stdlib::Absolutepath]` The private key file use with TLS. -Default value: ``undef`` +Default value: `undef` -##### <a name="cipher_list"></a>`cipher_list` +##### <a name="-coturn--cipher_list"></a>`cipher_list` Data type: `String[1]` 
@@ -117,39 +115,23 @@ The default value gives a list of ciphers that the Nmap ssl-enum-ciphers script Default value: `'ECDH+AESGCM:ECDH+CHACHA20:DH+AESGCM:ECDH+AES256:DH+AES256:ECDH+AES128:DH+AES:RSA+AESGCM:RSA+AES:!aNULL:!MD5:!DSS'` -##### <a name="dh2066"></a>`dh2066` - -Data type: `Boolean` - -Use 2066 bits predefined DH TLS key, size of the key is 1066. - -Default value: ``true`` - -##### <a name="fingerprint"></a>`fingerprint` +##### <a name="-coturn--fingerprint"></a>`fingerprint` Data type: `Boolean` Use fingerprints in the TURN messages -Default value: ``false`` +Default value: `false` -##### <a name="lt_cred_mech"></a>`lt_cred_mech` +##### <a name="-coturn--lt_cred_mech"></a>`lt_cred_mech` Data type: `Boolean` Use long-term credential mechanism -Default value: ``false`` - -##### <a name="use_auth_secret"></a>`use_auth_secret` - -Data type: `Boolean` - -Turn on secret-based authentication. +Default value: `false` -Default value: ``false`` - -##### <a name="static_auth_secret"></a>`static_auth_secret` +##### <a name="-coturn--static_auth_secret"></a>`static_auth_secret` Data type: `Optional[String[1]]` 
@@ -157,17 +139,19 @@ Static authentication secret value (typically a long hexadecimal string) for TUR If not set, then the turn server will try to use the dynamic value in turn_secret table in user database Note : The actual Puppet module version does not support to modify the turn_secret table in database. -Default value: ``undef`` +Default value: `undef` -##### <a name="use_auth_secret"></a>`use_auth_secret` +##### <a name="-coturn--use_auth_secret"></a>`use_auth_secret` + +Data type: `Boolean` Flag that sets a special WebRTC authorization option that is based upon authentication secret. The actual value of the secret is defined by option static-auth-secret, Note : The actual Puppet module version does not support to modify the turn_secret table in database. -Default value: ``false`` +Default value: `false` -##### <a name="total_quota"></a>`total_quota` +##### <a name="-coturn--total_quota"></a>`total_quota` Data type: `Integer[0]` @@ -175,7 +159,7 @@ Total allocation quota Default value: `0` -##### <a name="bps_capacity"></a>`bps_capacity` +##### <a name="-coturn--bps_capacity"></a>`bps_capacity` Data type: `Integer[0]` @@ -185,7 +169,7 @@ for the sessions, combined (input and output network streams are treated separat Default value: `0` -##### <a name="stale_nonce"></a>`stale_nonce` +##### <a name="-coturn--stale_nonce"></a>`stale_nonce` Data type: `Integer[0]` @@ -194,7 +178,7 @@ After the delay, the client will get 438 error and will have to re-authenticate Default value: `600` -##### <a name="no_stdout_log"></a>`no_stdout_log` +##### <a name="-coturn--no_stdout_log"></a>`no_stdout_log` Data type: `Boolean` 
@@ -203,57 +187,59 @@ By default, all log messages are going to both stdout and to the configured log file. With this option everything will be going to the configured log only (unless the log file itself is stdout). -Default value: ``false`` +Default value: `false` -##### <a name="no_loopback_peers"></a>`no_loopback_peers` +##### <a name="-coturn--no_loopback_peers"></a>`no_loopback_peers` Data type: `Boolean` Flag that can be used to disallow peers on the loopback addresses (127.x.x.x and ::1). This is an extra security measure. -Default value: ``false`` +Default value: `false` -##### <a name="no_multicast_peers"></a>`no_multicast_peers` +##### <a name="-coturn--no_multicast_peers"></a>`no_multicast_peers` Data type: `Boolean` Flag that can be used to disallow peers on well-known broadcast addresses (224.0.0.0 and above, and FFXX:*). This is an extra security measure. -Default value: ``false`` +Default value: `false` + +##### <a name="-coturn--dh2066"></a>`dh2066` -##### <a name="dh2066"></a>`dh2066` +Data type: `Boolean` Use 2066 bits predefined DH TLS key. Default size of the key is 1066. -Default value: ``true`` +Default value: `true` -##### <a name="tlsv1"></a>`tlsv1` +##### <a name="-coturn--tlsv1"></a>`tlsv1` Data type: `Boolean` Allow an TLS/DTLS version of protocol v1 -Default value: ``false`` +Default value: `false` -##### <a name="tlsv1_1"></a>`tlsv1_1` +##### <a name="-coturn--tlsv1_1"></a>`tlsv1_1` Data type: `Boolean` Allow an TLS/DTLS version of protocol v1.1 -Default value: ``false`` +Default value: `false` -##### <a name="tlsv1_2"></a>`tlsv1_2` +##### <a name="-coturn--tlsv1_2"></a>`tlsv1_2` Data type: `Boolean` Allow an TLS/DTLS version of protocol v1.2 -Default value: ``true`` +Default value: `true` -##### <a name="simple_log"></a>`simple_log` +##### <a name="-coturn--simple_log"></a>`simple_log` Data type: `Boolean` 
@@ -261,9 +247,9 @@ This flag means that no log file rollover will be used, and the log file name will be constructed as-is, without PID and date appendage. This option can be used together with the logrotate tool. -Default value: ``true`` +Default value: `true` -##### <a name="proc_user"></a>`proc_user` +##### <a name="-coturn--proc_user"></a>`proc_user` Data type: `String[1]` @@ -271,7 +257,7 @@ User name to run the process, after the initialization of turnserver. Default value: `'turnserver'` -##### <a name="proc_group"></a>`proc_group` +##### <a name="-coturn--proc_group"></a>`proc_group` Data type: `String[1]` @@ -279,7 +265,7 @@ Group name to run the process, after the initialization of turnserver. Default value: `'turnserver'` -##### <a name="log_file"></a>`log_file` +##### <a name="-coturn--log_file"></a>`log_file` Data type: `Optional[Variant[Stdlib::Absolutepath,Enum['syslog','stdout']]]` diff --git a/manifests/init.pp b/manifests/init.pp index ddaf3b0..b63a385 100644 --- a/manifests/init.pp +++ b/manifests/init.pp @@ -26,14 +26,10 @@ # @param cipher_list # Allowed OpenSSL cipher list for TLS/DTLS connections. # The default value gives a list of ciphers that the Nmap ssl-enum-ciphers script notes A in january 2022. -# @param dh2066 -# Use 2066 bits predefined DH TLS key, size of the key is 1066. # @param fingerprint # Use fingerprints in the TURN messages # @param lt_cred_mech # Use long-term credential mechanism -# @param use_auth_secret -# Turn on secret-based authentication. # @param static_auth_secret # Static authentication secret value (typically a long hexadecimal string) for TURN REST API only. # If not set, then the turn server will try to use the dynamic value in turn_secret table in user database 
@@ -110,7 +106,6 @@ class coturn (
 Optional[Variant[Stdlib::Absolutepath,Enum['syslog','stdout']]] $log_file = '/var/log/coturn/turnserver.log',
 String[1] $cipher_list = 'ECDH+AESGCM:ECDH+CHACHA20:DH+AESGCM:ECDH+AES256:DH+AES256:ECDH+AES128:DH+AES:RSA+AESGCM:RSA+AES:!aNULL:!MD5:!DSS',
 ) {
-
 $_coturn_package = 'coturn' # Ubuntu 18.04 ==> Coturn v4.5.0.7
 $_coturn_config = '/etc/turnserver.conf'
 $_coturn_sqlitedbpath = '/var/lib/turn'
@@ -185,6 +180,6 @@ class coturn (
 require => [
 Package[$_coturn_package],
 File[$_coturn_config],
- ]
+ ],
 }
 }
diff --git a/metadata.json b/metadata.json
index e4595f3..b327495 100644
--- a/metadata.json
+++ b/metadata.json
@@ -44,7 +44,7 @@
 "coturn",
 "webrtc"
 ],
- "pdk-version": "2.3.0",
- "template-url": "https://github.com/puppetlabs/pdk-templates#2.3.0",
- "template-ref": "tags/2.3.0-0-g8aaceff"
+ "pdk-version": "2.7.1",
+ "template-url": "https://github.com/puppetlabs/pdk-templates#2.7.4",
+ "template-ref": "tags/2.7.4-0-g58edf57"
 }
diff --git a/spec/acceptance/coturn_spec.rb b/spec/acceptance/coturn_spec.rb
index f2d02af..7507b28 100644
--- a/spec/acceptance/coturn_spec.rb
+++ b/spec/acceptance/coturn_spec.rb
@@ -1,5 +1,7 @@
 require 'spec_helper_acceptance'
+# rubocop:disable RSpec/RepeatedDescription
+
 ip_server = fact('networking.ip')
 fqdn_server = fact('networking.fqdn')
 log_file = '/var/log/coturn/turnserver.log'
--
GitLab
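Review bot: The added `# rubocop:disable RSpec/RepeatedDescription` at the top of `spec/acceptance/coturn_spec.rb` has no matching `# rubocop:enable`, so the cop is off for the whole file, and the comment gives no reason. This commit also deletes the global `Enabled: false` entry for that cop from `.rubocop.yml`, so the file-wide directive hides exactly the examples the cop would now report. Either give the repeated examples distinct descriptions, or scope the directive to the affected group and close it with `# rubocop:enable RSpec/RepeatedDescription`, with a short reason beside the directive. The rest of the spec file lies outside the hunk, so which examples repeat is not visible here.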