Merge branch '108-remove-unused-code-keytab' into 'master'

Resolve "remove unused code"

Closes #108

See merge request !107

manifests/config/keytab.pp

-#
-# @summary Configures keytab for admin user on FreeIPA master. 
-#
-# @example
-#   include freeipa::config::keytab
-#
-# @api private
-#
-class freeipa::config::keytab {
-  assert_private()
-
-  if $facts['iparole'] == 'master' or $freeipa::ipa_role == 'master' {
-
-    $_uid_number = $freeipa::idstart
-    $_home_dir_path = '/home/admin'
-    $_admin_keytab = "${_home_dir_path}/admin.keytab"
-
-    # Ensure admin homedir and keytab files.
-    file { $_home_dir_path:
-      ensure  => directory,
-      mode    => '0700',
-      owner   => $_uid_number,
-      group   => $_uid_number,
-      require => Exec["server_install_${freeipa::ipa_server_fqdn}"],
-    }
-
-    # Set keytab for admin user.
-    exec { 'ktadd admin keytab':
-      command => "/usr/sbin/kadmin.local -q \"ktadd -norandkey -k ${_admin_keytab} admin\"",
-      cwd     => $_home_dir_path,
-      unless  => "/usr/bin/kvno -k ${_admin_keytab} admin@${freeipa::realm}",
-      require => File[$_home_dir_path],
-      notify  => File[$_admin_keytab],
-    }
-
-    file { $_admin_keytab :
-      owner   => $_uid_number,
-      group   => $_uid_number,
-      mode    => '0600',
-      require => File[$_home_dir_path],
-    }
-  } else {
-    # manage keytab only on master
-  }
-}

manifests/init.pp

@@ -108,20 +108,12 @@ class freeipa (
     fail('This module is only supported on Linux.')
   }
 
-  $master_principals = suffix(
-    prefix(
-      [$ipa_server_fqdn],
-      'host/'
-    ),
-    "@${realm}"
-  )
-
   if $ipa_role == 'client' {
     $final_configure_dns_server = false
   } else {
     $final_configure_dns_server = $configure_dns_server
   }
 
-  class {'::freeipa::install':}
+  include freeipa::install
 
 }

manifests/install.pp

@@ -21,11 +21,20 @@ class freeipa::install {
 
   # Note: sssd.conf handled by ipa-server-install.
   if $freeipa::install_sssd {
-    contain 'freeipa::install::sssd'
+    package { $freeipa::sssd_package_name:
+      ensure => present,
+    }
   }
 
   if $freeipa::install_autofs {
-    contain 'freeipa::install::autofs'
+    package { $freeipa::autofs_package_name:
+      ensure => present,
+    }
+
+    service { 'autofs':
+      ensure => 'running',
+      enable => true,
+    }
   }
 
   if $freeipa::install_sssdtools {

manifests/install/autofs.pp

-#
-# @summary Installs and start autofs
-#
-# @example
-#   include freeipa::install::autofs
-#
-class freeipa::install::autofs {
-
-  package { $freeipa::autofs_package_name:
-    ensure => present,
-  }
-
-  service { 'autofs':
-    ensure => 'running',
-    enable => true,
-  }
-}

manifests/install/sssd.pp

-#
-# @summary Install sssd package
-#
-# @example
-#   include freeipa::install::sssd
-#
-# @api private
-#
-class freeipa::install::sssd {
-  assert_private()
-
-  package { $freeipa::sssd_package_name:
-    ensure => present,
-  }
-
-}

spec/acceptance/nodesets/centos8.yml

----
-HOSTS:
-  ipa-server-1:
-    roles:
-    - default
-    - master
-    - centos
-    platform: el-8-x86_64
-    hypervisor: vagrant
-    box: centos/8
-    box_check_update: false
-    vagrant_memsize: 2048
-    vagrant_cpus: 2
-    ip: 10.10.10.35
-  ipa-server-2:
-    roles:
-    - replica
-    - centos
-    platform: el-8-x86_64
-    hypervisor: vagrant
-    box: centos/8
-    box_check_update: false
-    vagrant_memsize: 2048
-    vagrant_cpus: 2
-    ip: 10.10.10.36
-  ipa-client-centos:
-    roles:
-    - client
-    - client-centos7
-    - centos
-    platform: el-7-x86_64
-    hypervisor: vagrant
-    box: centos/7
-    box_version: 1809.01
-    box_check_update: false
-    vagrant_memsize: 1024
-    ip: 10.10.10.37
-  ipa-client-ubuntu16:
-    roles:
-    - client
-    - client-ubuntu16
-    platform: ubuntu-1604-amd64
-    hypervisor: vagrant
-    box: ubuntu/xenial64
-    box_version: 20181114.0.0
-    box_check_update: false
-    vagrant_memsize: 1024
-    ip: 10.10.10.38
-
-CONFIG:
-  type: foss
-  loglevel: debug

spec/classes/init_spec.rb

@@ -22,10 +22,8 @@ describe 'freeipa', type: :class do
 
               it { is_expected.to contain_class('freeipa::install') }
               it { is_expected.to contain_class('freeipa::install::server') }
-              it { is_expected.to contain_class('freeipa::install::sssd') }
               it { is_expected.to contain_class('freeipa::install::server::master') }
 
-              it { is_expected.not_to contain_class('freeipa::install::autofs') }
               it { is_expected.not_to contain_class('freeipa::install::server::replica') }
               it { is_expected.not_to contain_class('freeipa::install::client') }
 
@@ -57,10 +55,8 @@ describe 'freeipa', type: :class do
 
               it { is_expected.to contain_class('freeipa::install') }
               it { is_expected.to contain_class('freeipa::install::server') }
-              it { is_expected.to contain_class('freeipa::install::sssd') }
               it { is_expected.to contain_class('freeipa::install::server::replica') }
 
-              it { is_expected.not_to contain_class('freeipa::install::autofs') }
               it { is_expected.not_to contain_class('freeipa::install::server::master') }
               it { is_expected.not_to contain_class('freeipa::install::client') }
 
@@ -93,10 +89,8 @@ describe 'freeipa', type: :class do
           end
 
           it { is_expected.to contain_class('freeipa::install') }
-          it { is_expected.to contain_class('freeipa::install::sssd') }
           it { is_expected.to contain_class('freeipa::install::client') }
 
-          it { is_expected.not_to contain_class('freeipa::install::autofs') }
           it { is_expected.not_to contain_class('freeipa::install::server') }
           it { is_expected.not_to contain_class('freeipa::install::server::master') }
           it { is_expected.not_to contain_class('freeipa::install::server::replica') }

spec/classes/install/autofs_spec.rb

-
-
-require 'spec_helper'
-
-describe 'freeipa::install::autofs' do
-  on_supported_os.each do |os, os_facts|
-    context "on #{os}" do
-      let(:facts) { os_facts }
-      let(:pre_condition) do
-        manifest = <<-EOS
-          class{ 'freeipa' :
-            ipa_role                    => 'master',
-            ipa_master_fqdn             => 'master.example.lan',
-            ipa_server_fqdn             => 'foo.example.lan',
-            domain                      => 'example.lan',
-            password_usedto_joindomain  => 'foobartest',
-            puppet_admin_password       => 'foobartest',
-            directory_services_password => 'foobartest',
-            ip_address                  => '10.10.10.35',
-          }
-        EOS
-        manifest
-      end
-
-      it { is_expected.to compile }
-    end
-  end
-end

spec/classes/install/sssd_spec.rb

-
-
-require 'spec_helper'
-
-describe 'freeipa::install::sssd' do
-  on_supported_os.each do |os, os_facts|
-    context "on #{os}" do
-      let(:facts) { os_facts }
-      let(:pre_condition) do
-        manifest = <<-EOS
-          class{ 'freeipa' :
-            ipa_role                    => 'master',
-            ipa_master_fqdn             => 'master.example.lan',
-            ipa_server_fqdn             => 'foo.example.lan',
-            domain                      => 'example.lan',
-            password_usedto_joindomain  => 'foobartest',
-            puppet_admin_password       => 'foobartest',
-            directory_services_password => 'foobartest',
-            ip_address                  => '10.10.10.35',
-          }
-        EOS
-        manifest
-      end
-
-      it { is_expected.to compile }
-    end
-  end
-end