From c932a958e7f967633663380c097b1dabebd765ea Mon Sep 17 00:00:00 2001
From: Tim Meusel <tim@bastelfreak.de>
Date: Tue, 9 Jul 2024 16:14:57 +0200
Subject: [PATCH 01/10] modulesync 9.1.0

---
 Gemfile | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/Gemfile b/Gemfile
index 27cdc0de..7123c663 100644
--- a/Gemfile
+++ b/Gemfile
@@ -4,7 +4,7 @@
 source ENV['GEM_SOURCE'] || 'https://rubygems.org'
 
 group :test do
-  gem 'voxpupuli-test', '~> 8.0',   :require => false
+  gem 'voxpupuli-test', '~> 9.0',   :require => false
   gem 'coveralls',                  :require => false
   gem 'simplecov-console',          :require => false
   gem 'puppet_metadata', '~> 4.0',  :require => false

From f90426f682497ad91c5ef1872d60ed5ce8948a7d Mon Sep 17 00:00:00 2001
From: Tim Meusel <tim@bastelfreak.de>
Date: Fri, 13 Sep 2024 14:48:37 +0200
Subject: [PATCH 02/10] modulesync 9.2.0

---
 .github/workflows/ci.yml      | 3 ++-
 .github/workflows/labeler.yml | 1 +
 .github/workflows/release.yml | 1 +
 .msync.yml                    | 2 +-
 Gemfile                       | 2 +-
 5 files changed, 6 insertions(+), 3 deletions(-)

diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml
index 1f82c4c9..8c32acf9 100644
--- a/.github/workflows/ci.yml
+++ b/.github/workflows/ci.yml
@@ -4,6 +4,7 @@
 
 name: CI
 
+# yamllint disable-line rule:truthy
 on:
   pull_request: {}
   push:
@@ -18,4 +19,4 @@ concurrency:
 jobs:
   puppet:
     name: Puppet
-    uses: voxpupuli/gha-puppet/.github/workflows/beaker.yml@v2
+    uses: voxpupuli/gha-puppet/.github/workflows/beaker.yml@v3
diff --git a/.github/workflows/labeler.yml b/.github/workflows/labeler.yml
index 66127cd0..73be88dc 100644
--- a/.github/workflows/labeler.yml
+++ b/.github/workflows/labeler.yml
@@ -4,6 +4,7 @@
 
 name: "Pull Request Labeler"
 
+# yamllint disable-line rule:truthy
 on:
   pull_request_target: {}
 
diff --git a/.github/workflows/release.yml b/.github/workflows/release.yml
index 93b33c2b..1b147750 100644
--- a/.github/workflows/release.yml
+++ b/.github/workflows/release.yml
@@ -4,6 +4,7 @@
 
 name: Release
 
+# yamllint disable-line rule:truthy
 on:
   push:
     tags:
diff --git a/.msync.yml b/.msync.yml
index 95e8c977..8606f6ec 100644
--- a/.msync.yml
+++ b/.msync.yml
@@ -2,4 +2,4 @@
 # Managed by modulesync - DO NOT EDIT
 # https://voxpupuli.org/docs/updating-files-managed-with-modulesync/
 
-modulesync_config_version: '9.1.0'
+modulesync_config_version: '9.2.0'
diff --git a/Gemfile b/Gemfile
index 7123c663..2ac98f89 100644
--- a/Gemfile
+++ b/Gemfile
@@ -26,7 +26,7 @@ end
 gem 'rake', :require => false
 gem 'facter', ENV['FACTER_GEM_VERSION'], :require => false, :groups => [:test]
 
-puppetversion = ENV['PUPPET_GEM_VERSION'] || '~> 7.24'
+puppetversion = ENV['PUPPET_GEM_VERSION'] || [">= 7.24", "< 9"]
 gem 'puppet', puppetversion, :require => false, :groups => [:test]
 
 # vim: syntax=ruby

From 2a649e6e9a7a7be8b04794dc9caec1ebc7e2f40e Mon Sep 17 00:00:00 2001
From: Tim Meusel <tim@bastelfreak.de>
Date: Fri, 13 Sep 2024 15:21:05 +0200
Subject: [PATCH 03/10] Switch unit tests to CERN runner

---
 .github/workflows/ci.yml | 2 ++
 .sync.yml                | 4 ++++
 2 files changed, 6 insertions(+)

diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml
index 8c32acf9..f9a5c9d0 100644
--- a/.github/workflows/ci.yml
+++ b/.github/workflows/ci.yml
@@ -20,3 +20,5 @@ jobs:
   puppet:
     name: Puppet
     uses: voxpupuli/gha-puppet/.github/workflows/beaker.yml@v3
+    with:
+      unit_runs_on: 'cern-self-hosted'
diff --git a/.sync.yml b/.sync.yml
index b1b40cec..65631e60 100644
--- a/.sync.yml
+++ b/.sync.yml
@@ -6,3 +6,7 @@ spec/spec_helper_acceptance.rb:
   enabled_lint_checks:
     - parameter_documentation
     - parameter_types
+
+.github/workflows/ci.yml:
+  with:
+    unit_runs_on: 'cern-self-hosted'

From 74595d309928b804bdcc97655e13d371d351160b Mon Sep 17 00:00:00 2001
From: Tim Meusel <tim@bastelfreak.de>
Date: Mon, 16 Sep 2024 20:54:25 +0200
Subject: [PATCH 04/10] modulesync 9.3.0

---
 .github/workflows/release.yml | 2 +-
 .msync.yml                    | 2 +-
 2 files changed, 2 insertions(+), 2 deletions(-)

diff --git a/.github/workflows/release.yml b/.github/workflows/release.yml
index 1b147750..4adf65cd 100644
--- a/.github/workflows/release.yml
+++ b/.github/workflows/release.yml
@@ -13,7 +13,7 @@ on:
 jobs:
   release:
     name: Release
-    uses: voxpupuli/gha-puppet/.github/workflows/release.yml@v2
+    uses: voxpupuli/gha-puppet/.github/workflows/release.yml@v3
     with:
       allowed_owner: 'voxpupuli'
     secrets:
diff --git a/.msync.yml b/.msync.yml
index 8606f6ec..ac84b45d 100644
--- a/.msync.yml
+++ b/.msync.yml
@@ -2,4 +2,4 @@
 # Managed by modulesync - DO NOT EDIT
 # https://voxpupuli.org/docs/updating-files-managed-with-modulesync/
 
-modulesync_config_version: '9.2.0'
+modulesync_config_version: '9.3.0'

From 1d33129165c7290ca769d152f6e556ec33a63f5e Mon Sep 17 00:00:00 2001
From: Tim Meusel <tim@bastelfreak.de>
Date: Wed, 5 Feb 2025 10:29:27 +0100
Subject: [PATCH 05/10] modulesync 9.4.0

---
 .github/workflows/prepare_release.yml | 23 +++++++++++++++++++++++
 .github/workflows/release.yml         |  7 -------
 .msync.yml                            |  2 +-
 .vscode/extensions.json               |  6 ------
 4 files changed, 24 insertions(+), 14 deletions(-)
 create mode 100644 .github/workflows/prepare_release.yml
 delete mode 100644 .vscode/extensions.json

diff --git a/.github/workflows/prepare_release.yml b/.github/workflows/prepare_release.yml
new file mode 100644
index 00000000..01efa1a8
--- /dev/null
+++ b/.github/workflows/prepare_release.yml
@@ -0,0 +1,23 @@
+---
+# Managed by modulesync - DO NOT EDIT
+# https://voxpupuli.org/docs/updating-files-managed-with-modulesync/
+
+name: 'Prepare Release'
+
+on:
+  workflow_dispatch:
+    inputs:
+      version:
+        description: 'Module version to be released. Must be a valid semver string without leading v. (1.2.3)'
+        required: false
+
+jobs:
+  release_prep:
+    uses: 'voxpupuli/gha-puppet/.github/workflows/prepare_release.yml@v3'
+    with:
+      version: ${{ github.event.inputs.version }}
+      allowed_owner: 'voxpupuli'
+    secrets:
+      # Configure secrets here:
+      #  https://docs.github.com/en/actions/security-guides/encrypted-secrets
+      github_pat: '${{ secrets.PCCI_PAT_RELEASE_PREP }}'
diff --git a/.github/workflows/release.yml b/.github/workflows/release.yml
index 4adf65cd..3db60fbc 100644
--- a/.github/workflows/release.yml
+++ b/.github/workflows/release.yml
@@ -21,10 +21,3 @@ jobs:
       #  https://docs.github.com/en/actions/security-guides/encrypted-secrets
       username: ${{ secrets.PUPPET_FORGE_USERNAME }}
       api_key: ${{ secrets.PUPPET_FORGE_API_KEY }}
-
-  create-github-release:
-    name: Create GitHub Release
-    runs-on: ubuntu-latest
-    steps:
-      - name: Create GitHub release
-        uses: voxpupuli/gha-create-a-github-release@v1
diff --git a/.msync.yml b/.msync.yml
index ac84b45d..36e892e9 100644
--- a/.msync.yml
+++ b/.msync.yml
@@ -2,4 +2,4 @@
 # Managed by modulesync - DO NOT EDIT
 # https://voxpupuli.org/docs/updating-files-managed-with-modulesync/
 
-modulesync_config_version: '9.3.0'
+modulesync_config_version: '9.4.0'
diff --git a/.vscode/extensions.json b/.vscode/extensions.json
deleted file mode 100644
index 2f1e4f73..00000000
--- a/.vscode/extensions.json
+++ /dev/null
@@ -1,6 +0,0 @@
-{
-  "recommendations": [
-    "puppet.puppet-vscode",
-    "rebornix.Ruby"
-  ]
-}

From dab19d297499c53082dd6b7bfc62f90076f44ba1 Mon Sep 17 00:00:00 2001
From: Kenyon Ralph <kenyon@kenyonralph.com>
Date: Wed, 5 Feb 2025 14:20:02 -0800
Subject: [PATCH 06/10] regenerate REFERENCE.md

---
 REFERENCE.md | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/REFERENCE.md b/REFERENCE.md
index 1a8f89f6..9a11d9fa 100644
--- a/REFERENCE.md
+++ b/REFERENCE.md
@@ -1727,10 +1727,10 @@ Insert a file into the nftables configuration
 
 ```puppet
 nftables::file{'geoip':
-  content => @(EOT)
+  content => @(EOT),
     include "/var/local/geoipsets/dbip/nftset/ipv4/*.ipv4"
     include "/var/local/geoipsets/dbip/nftset/ipv6/*.ipv6"
-    |EOT,
+    |EOT
 }
 ```
 

From aedd93257bed4d48cad0339dbec1ad8cf9584bf1 Mon Sep 17 00:00:00 2001
From: Tim Meusel <tim@bastelfreak.de>
Date: Wed, 5 Feb 2025 23:33:54 +0100
Subject: [PATCH 07/10] set service provider to systemd in unit tests

---
 spec/support/spec/mock.rb | 12 ++++++++++++
 1 file changed, 12 insertions(+)
 create mode 100644 spec/support/spec/mock.rb

diff --git a/spec/support/spec/mock.rb b/spec/support/spec/mock.rb
new file mode 100644
index 00000000..434ced74
--- /dev/null
+++ b/spec/support/spec/mock.rb
@@ -0,0 +1,12 @@
+# frozen_string_literal: true
+
+RSpec.configure do |c|
+  c.before do
+    # select the systemd service provider even when on docker
+    # https://tickets.puppetlabs.com/browse/PUP-11167
+    allow(Puppet::FileSystem).to receive(:exist?).and_call_original
+    allow(Puppet::FileSystem).to receive(:exist?).with('/proc/1/comm').and_return(true)
+    allow(Puppet::FileSystem).to receive(:read).and_call_original
+    allow(Puppet::FileSystem).to receive(:read).with('/proc/1/comm').and_return(['systemd'])
+  end
+end

From 6097389c69955340e5a800aedbf6f3ad3a4abe37 Mon Sep 17 00:00:00 2001
From: Tim Meusel <tim@bastelfreak.de>
Date: Wed, 5 Feb 2025 23:34:11 +0100
Subject: [PATCH 08/10] init.pp: Purge trailing whitespace

---
 manifests/init.pp | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/manifests/init.pp b/manifests/init.pp
index f1255127..8d867108 100644
--- a/manifests/init.pp
+++ b/manifests/init.pp
@@ -242,7 +242,7 @@
       notify   => Service['nftables'],
     }
 
-    # Generate nftables hash upon changes to the nftables service 
+    # Generate nftables hash upon changes to the nftables service
     exec { 'nftables_generate_hash':
       command     => ["nft -s list ruleset | sha1sum > ${inmem_rules_hash_file}"],
       path        => $facts['path'],

From 25528bfc63df27900cc2f91ef32bd4ccddef7382 Mon Sep 17 00:00:00 2001
From: Steve Traylen <steve.traylen@cern.ch>
Date: Thu, 6 Feb 2025 21:08:30 +0100
Subject: [PATCH 09/10] Install netbase for /etc/services file

---
 spec/setup_acceptance_node.pp | 12 ++++++++++++
 1 file changed, 12 insertions(+)
 create mode 100644 spec/setup_acceptance_node.pp

diff --git a/spec/setup_acceptance_node.pp b/spec/setup_acceptance_node.pp
new file mode 100644
index 00000000..6ae0892f
--- /dev/null
+++ b/spec/setup_acceptance_node.pp
@@ -0,0 +1,12 @@
+
+
+# We need to have a /etc/services file to avoid:
+# `Servname not supported for ai_socktype` during nft validate
+# maybe module itself should install this package
+# https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=995343
+
+if $facts['os']['name'] == 'Ubuntu' and $facts['os']['release']['major'] == '20.04' {
+  package{'netbase':
+    ensure => present,
+  }
+}

From 1d9885996e98c867c2fdfbee4be8fe26e49731ed Mon Sep 17 00:00:00 2001
From: Steve Traylen <steve.traylen@cern.ch>
Date: Thu, 6 Feb 2025 21:37:49 +0100
Subject: [PATCH 10/10] Revert "Install netbase for /etc/services file"

This reverts commit 25528bfc63df27900cc2f91ef32bd4ccddef7382.
---
 spec/setup_acceptance_node.pp | 12 ------------
 1 file changed, 12 deletions(-)
 delete mode 100644 spec/setup_acceptance_node.pp

diff --git a/spec/setup_acceptance_node.pp b/spec/setup_acceptance_node.pp
deleted file mode 100644
index 6ae0892f..00000000
--- a/spec/setup_acceptance_node.pp
+++ /dev/null
@@ -1,12 +0,0 @@
-
-
-# We need to have a /etc/services file to avoid:
-# `Servname not supported for ai_socktype` during nft validate
-# maybe module itself should install this package
-# https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=995343
-
-if $facts['os']['name'] == 'Ubuntu' and $facts['os']['release']['major'] == '20.04' {
-  package{'netbase':
-    ensure => present,
-  }
-}